Access Context Manager V1 API - Class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig (v0.8.0)

Reference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig.

ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#access_levels

def access_levels() -> ::Array<::String>
Returns
  • (::Array<::String>) — A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.

#access_levels=

def access_levels=(value) -> ::Array<::String>
Parameter
  • value (::Array<::String>) — A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
Returns
  • (::Array<::String>) — A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.

#egress_policies

def egress_policies() -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>
Returns
  • (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.

#egress_policies=

def egress_policies=(value) -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>
Parameter
  • value (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.
Returns
  • (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.

#ingress_policies

def ingress_policies() -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>
Returns
  • (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.

#ingress_policies=

def ingress_policies=(value) -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>
Parameter
  • value (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.
Returns
  • (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.

#resources

def resources() -> ::Array<::String>
Returns
  • (::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

#resources=

def resources=(value) -> ::Array<::String>
Parameter
  • value (::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
Returns
  • (::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

#restricted_services

def restricted_services() -> ::Array<::String>
Returns
  • (::Array<::String>) — Google Cloud services that are subject to the Service Perimeter restrictions. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

#restricted_services=

def restricted_services=(value) -> ::Array<::String>
Parameter
  • value (::Array<::String>) — Google Cloud services that are subject to the Service Perimeter restrictions. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
Returns
  • (::Array<::String>) — Google Cloud services that are subject to the Service Perimeter restrictions. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

#vpc_accessible_services

def vpc_accessible_services() -> ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Returns

#vpc_accessible_services=

def vpc_accessible_services=(value) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Parameter
Returns