REST Resource: securityPolicies

Resource: SecurityPolicy

Represents a Google Cloud Armor security policy resource.

Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.

JSON representation
{
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "description": string,
  "rules": [
    {
      "description": string,
      "priority": integer,
      "match": {
        "expr": {
          "expression": string,
          "title": string,
          "description": string,
          "location": string
        },
        "versionedExpr": enum,
        "config": {
          "srcIpRanges": [
            string
          ],
          "destIpRanges": [
            string
          ],
          "layer4Configs": [
            {
              "ipProtocol": string,
              "ports": [
                string
              ]
            }
          ]
        }
      },
      "action": string,
      "preview": boolean,
      "direction": enum,
      "targetResources": [
        string
      ],
      "enableLogging": boolean,
      "ruleTupleCount": integer,
      "rateLimitOptions": {
        "rateLimitThreshold": {
          "count": integer,
          "intervalSec": integer
        },
        "conformAction": string,
        "exceedAction": string,
        "enforceOnKey": enum,
        "enforceOnKeyName": string,
        "banThreshold": {
          "count": integer,
          "intervalSec": integer
        },
        "banDurationSec": integer
      },
      "targetServiceAccounts": [
        string
      ],
      "ruleNumber": string,
      "headerAction": {
        "requestHeadersToAdds": [
          {
            "headerName": string,
            "headerValue": string
          }
        ]
      },
      "redirectOptions": {
        "type": enum,
        "target": string
      },
      "kind": string
    }
  ],
  "adaptiveProtectionConfig": {
    "layer7DdosDefenseConfig": {
      "enable": boolean,
      "ruleVisibility": enum
    }
  },
  "advancedOptionsConfig": {
    "jsonParsing": enum,
    "logLevel": enum
  },
  "fingerprint": string,
  "selfLink": string,
  "selfLinkWithId": string,
  "type": enum,
  "associations": [
    {
      "name": string,
      "attachmentId": string,
      "securityPolicyId": string,
      "displayName": string
    }
  ],
  "labels": {
    string: string,
    ...
  },
  "labelFingerprint": string,
  "ruleTupleCount": integer,
  "displayName": string,
  "parent": string,
  "kind": string
}
Fields
id

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.

creationTimestamp

string

[Output Only] Creation timestamp in R