public static final class ServicePerimeterConfig.EgressTo extends GeneratedMessageV3 implements ServicePerimeterConfig.EgressToOrBuilder
Defines the conditions under which an [EgressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy]
matches a request. Conditions are based on information about the
[ApiOperation]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
intended to be performed on the resources
specified. Note that if the
destination of the request is also protected by a [ServicePerimeter]
[google.identity.accesscontextmanager.v1.ServicePerimeter], then that
[ServicePerimeter]
[google.identity.accesscontextmanager.v1.ServicePerimeter] must have
an [IngressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
which allows access in order for this request to succeed. The request must
match operations
AND resources
fields in order to be allowed egress out
of the perimeter.
Protobuf type google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo
Inherited Members
com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT)
com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT,int)
com.google.protobuf.GeneratedMessageV3.<T>emptyList(java.lang.Class<T>)
com.google.protobuf.GeneratedMessageV3.internalGetMapFieldReflection(int)
Static Fields
EXTERNAL_RESOURCES_FIELD_NUMBER
public static final int EXTERNAL_RESOURCES_FIELD_NUMBER
Field Value |
Type |
Description |
int |
|
OPERATIONS_FIELD_NUMBER
public static final int OPERATIONS_FIELD_NUMBER
Field Value |
Type |
Description |
int |
|
RESOURCES_FIELD_NUMBER
public static final int RESOURCES_FIELD_NUMBER
Field Value |
Type |
Description |
int |
|
Static Methods
getDefaultInstance()
public static ServicePerimeterConfig.EgressTo getDefaultInstance()
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
newBuilder()
public static ServicePerimeterConfig.EgressTo.Builder newBuilder()
newBuilder(ServicePerimeterConfig.EgressTo prototype)
public static ServicePerimeterConfig.EgressTo.Builder newBuilder(ServicePerimeterConfig.EgressTo prototype)
parseDelimitedFrom(InputStream input)
public static ServicePerimeterConfig.EgressTo parseDelimitedFrom(InputStream input)
parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(byte[] data)
public static ServicePerimeterConfig.EgressTo parseFrom(byte[] data)
Parameter |
Name |
Description |
data |
byte[]
|
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteString data)
public static ServicePerimeterConfig.EgressTo parseFrom(ByteString data)
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
parseFrom(CodedInputStream input)
public static ServicePerimeterConfig.EgressTo parseFrom(CodedInputStream input)
parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(InputStream input)
public static ServicePerimeterConfig.EgressTo parseFrom(InputStream input)
parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteBuffer data)
public static ServicePerimeterConfig.EgressTo parseFrom(ByteBuffer data)
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeterConfig.EgressTo parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
parser()
public static Parser<ServicePerimeterConfig.EgressTo> parser()
Methods
equals(Object obj)
public boolean equals(Object obj)
Parameter |
Name |
Description |
obj |
Object
|
Overrides
getDefaultInstanceForType()
public ServicePerimeterConfig.EgressTo getDefaultInstanceForType()
getExternalResources(int index)
public String getExternalResources(int index)
A list of external resources that are allowed to be accessed. Only AWS
and Azure resources are supported. For Amazon S3, the supported format is
s3://BUCKET_NAME. For Azure Storage, the supported format is
azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches
if it contains an external resource in this list (Example:
s3://bucket/path). Currently '*' is not allowed.
repeated string external_resources = 3;
Parameter |
Name |
Description |
index |
int
The index of the element to return.
|
Returns |
Type |
Description |
String |
The externalResources at the given index.
|
getExternalResourcesBytes(int index)
public ByteString getExternalResourcesBytes(int index)
A list of external resources that are allowed to be accessed. Only AWS
and Azure resources are supported. For Amazon S3, the supported format is
s3://BUCKET_NAME. For Azure Storage, the supported format is
azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches
if it contains an external resource in this list (Example:
s3://bucket/path). Currently '*' is not allowed.
repeated string external_resources = 3;
Parameter |
Name |
Description |
index |
int
The index of the value to return.
|
Returns |
Type |
Description |
ByteString |
The bytes of the externalResources at the given index.
|
getExternalResourcesCount()
public int getExternalResourcesCount()
A list of external resources that are allowed to be accessed. Only AWS
and Azure resources are supported. For Amazon S3, the supported format is
s3://BUCKET_NAME. For Azure Storage, the supported format is
azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches
if it contains an external resource in this list (Example:
s3://bucket/path). Currently '*' is not allowed.
repeated string external_resources = 3;
Returns |
Type |
Description |
int |
The count of externalResources.
|
getExternalResourcesList()
public ProtocolStringList getExternalResourcesList()
A list of external resources that are allowed to be accessed. Only AWS
and Azure resources are supported. For Amazon S3, the supported format is
s3://BUCKET_NAME. For Azure Storage, the supported format is
azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches
if it contains an external resource in this list (Example:
s3://bucket/path). Currently '*' is not allowed.
repeated string external_resources = 3;
getOperations(int index)
public ServicePerimeterConfig.ApiOperation getOperations(int index)
A list of [ApiOperations]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
allowed to be performed by the sources specified in the corresponding
[EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it uses an operation/service in this list.
repeated .google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation operations = 2;
Parameter |
Name |
Description |
index |
int
|
getOperationsCount()
public int getOperationsCount()
A list of [ApiOperations]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
allowed to be performed by the sources specified in the corresponding
[EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it uses an operation/service in this list.
repeated .google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation operations = 2;
Returns |
Type |
Description |
int |
|
getOperationsList()
public List<ServicePerimeterConfig.ApiOperation> getOperationsList()
A list of [ApiOperations]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
allowed to be performed by the sources specified in the corresponding
[EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it uses an operation/service in this list.
repeated .google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation operations = 2;
getOperationsOrBuilder(int index)
public ServicePerimeterConfig.ApiOperationOrBuilder getOperationsOrBuilder(int index)
A list of [ApiOperations]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
allowed to be performed by the sources specified in the corresponding
[EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it uses an operation/service in this list.
repeated .google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation operations = 2;
Parameter |
Name |
Description |
index |
int
|
getOperationsOrBuilderList()
public List<? extends ServicePerimeterConfig.ApiOperationOrBuilder> getOperationsOrBuilderList()
A list of [ApiOperations]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
allowed to be performed by the sources specified in the corresponding
[EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it uses an operation/service in this list.
repeated .google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation operations = 2;
Returns |
Type |
Description |
List<? extends com.google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperationOrBuilder> |
|
getParserForType()
public Parser<ServicePerimeterConfig.EgressTo> getParserForType()
Overrides
getResources(int index)
public String getResources(int index)
A list of resources, currently only projects in the form
projects/<projectnumber>
, that are allowed to be accessed by sources
defined in the corresponding [EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it contains a resource in this list. If *
is
specified for resources
, then this [EgressTo]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo]
rule will authorize access to all resources outside the perimeter.
repeated string resources = 1;
Parameter |
Name |
Description |
index |
int
The index of the element to return.
|
Returns |
Type |
Description |
String |
The resources at the given index.
|
getResourcesBytes(int index)
public ByteString getResourcesBytes(int index)
A list of resources, currently only projects in the form
projects/<projectnumber>
, that are allowed to be accessed by sources
defined in the corresponding [EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it contains a resource in this list. If *
is
specified for resources
, then this [EgressTo]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo]
rule will authorize access to all resources outside the perimeter.
repeated string resources = 1;
Parameter |
Name |
Description |
index |
int
The index of the value to return.
|
Returns |
Type |
Description |
ByteString |
The bytes of the resources at the given index.
|
getResourcesCount()
public int getResourcesCount()
A list of resources, currently only projects in the form
projects/<projectnumber>
, that are allowed to be accessed by sources
defined in the corresponding [EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it contains a resource in this list. If *
is
specified for resources
, then this [EgressTo]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo]
rule will authorize access to all resources outside the perimeter.
repeated string resources = 1;
Returns |
Type |
Description |
int |
The count of resources.
|
getResourcesList()
public ProtocolStringList getResourcesList()
A list of resources, currently only projects in the form
projects/<projectnumber>
, that are allowed to be accessed by sources
defined in the corresponding [EgressFrom]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom].
A request matches if it contains a resource in this list. If *
is
specified for resources
, then this [EgressTo]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo]
rule will authorize access to all resources outside the perimeter.
repeated string resources = 1;
getSerializedSize()
public int getSerializedSize()
Returns |
Type |
Description |
int |
|
Overrides
hashCode()
Returns |
Type |
Description |
int |
|
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Overrides
isInitialized()
public final boolean isInitialized()
Overrides
newBuilderForType()
public ServicePerimeterConfig.EgressTo.Builder newBuilderForType()
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected ServicePerimeterConfig.EgressTo.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Returns |
Type |
Description |
Object |
|
Overrides
toBuilder()
public ServicePerimeterConfig.EgressTo.Builder toBuilder()
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Overrides