- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization Scopes
- IAM Permissions
- Examples
- Try it!
Gets a rule at the specified priority.
HTTP request
GET https://compute.googleapis.com/compute/v1/projects/{project}/global/securityPolicies/{resourceId}/getRule
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
project |
Project ID for this request. |
resourceId |
Name of the security policy to which the queried rule belongs. |
Query parameters
Parameters | |
---|---|
priority |
The priority of the rule to get from the security policy. |
Request body
The request body must be empty.
Response body
If successful, the response body contains data with the following structure:
JSON representation | |
---|---|
{ "description": string, "priority": integer, "match": { "expr": { "expression": string, "title": string, "description": string, "location": string }, "versionedExpr": enum, "config": { "srcIpRanges": [ string ] } }, "action": string, "preview": boolean, "kind": string } |
Fields | |
---|---|
description |
An optional description of this resource. Provide this property when you create the resource. |
priority |
An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. |
match |
A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. |
match.expr |
User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. |
match.expr.expression |
Textual representation of an expression in Common Expression Language syntax. |
match.expr.title |
Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. |
match.expr.description |
Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. |
match.expr.location |
Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. |
match.versionedExpr |
Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. |
match.config |
The configuration options available when specifying versionedExpr. This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. |
match.config.srcIpRanges[] |
CIDR IP address range. Maximum number of src_ip_ranges allowed is 10. |
action |
The Action to preform when the client connection triggers the rule. Can currently be either "allow" or "deny( |
preview |
If set to true, the specified action is not enforced. |
kind |
[Output only] Type of the resource. Always |
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/compute
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
In addition to any permissions specified on the fields above, authorization requires one or more of the following IAM permissions:
compute.securityPolicies.get
To find predefined roles that contain those permissions, see Compute Engine IAM Roles.