Class SecuritySettings.Builder (1.45.0)

public static final class SecuritySettings.Builder extends GeneratedMessageV3.Builder<SecuritySettings.Builder> implements SecuritySettingsOrBuilder

The authentication and authorization settings for a BackendService.

Protobuf type google.cloud.compute.v1.SecuritySettings

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

Methods

addAllSubjectAltNames(Iterable<String> values)

public SecuritySettings.Builder addAllSubjectAltNames(Iterable<String> values)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameter
NameDescription
valuesIterable<String>

The subjectAltNames to add.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public SecuritySettings.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
SecuritySettings.Builder
Overrides

addSubjectAltNames(String value)

public SecuritySettings.Builder addSubjectAltNames(String value)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameter
NameDescription
valueString

The subjectAltNames to add.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

addSubjectAltNamesBytes(ByteString value)

public SecuritySettings.Builder addSubjectAltNamesBytes(ByteString value)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameter
NameDescription
valueByteString

The bytes of the subjectAltNames to add.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

build()

public SecuritySettings build()
Returns
TypeDescription
SecuritySettings

buildPartial()

public SecuritySettings buildPartial()
Returns
TypeDescription
SecuritySettings

clear()

public SecuritySettings.Builder clear()
Returns
TypeDescription
SecuritySettings.Builder
Overrides

clearAwsV4Authentication()

public SecuritySettings.Builder clearAwsV4Authentication()

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Returns
TypeDescription
SecuritySettings.Builder

clearClientTlsPolicy()

public SecuritySettings.Builder clearClientTlsPolicy()

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

clearField(Descriptors.FieldDescriptor field)

public SecuritySettings.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
NameDescription
fieldFieldDescriptor
Returns
TypeDescription
SecuritySettings.Builder
Overrides

clearOneof(Descriptors.OneofDescriptor oneof)

public SecuritySettings.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
NameDescription
oneofOneofDescriptor
Returns
TypeDescription
SecuritySettings.Builder
Overrides

clearSubjectAltNames()

public SecuritySettings.Builder clearSubjectAltNames()

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

clone()

public SecuritySettings.Builder clone()
Returns
TypeDescription
SecuritySettings.Builder
Overrides

getAwsV4Authentication()

public AWSV4Signature getAwsV4Authentication()

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Returns
TypeDescription
AWSV4Signature

The awsV4Authentication.

getAwsV4AuthenticationBuilder()

public AWSV4Signature.Builder getAwsV4AuthenticationBuilder()

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Returns
TypeDescription
AWSV4Signature.Builder

getAwsV4AuthenticationOrBuilder()

public AWSV4SignatureOrBuilder getAwsV4AuthenticationOrBuilder()

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Returns
TypeDescription
AWSV4SignatureOrBuilder

getClientTlsPolicy()

public String getClientTlsPolicy()

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Returns
TypeDescription
String

The clientTlsPolicy.

getClientTlsPolicyBytes()

public ByteString getClientTlsPolicyBytes()

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Returns
TypeDescription
ByteString

The bytes for clientTlsPolicy.

getDefaultInstanceForType()

public SecuritySettings getDefaultInstanceForType()
Returns
TypeDescription
SecuritySettings

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
TypeDescription
Descriptor
Overrides

getSubjectAltNames(int index)

public String getSubjectAltNames(int index)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameter
NameDescription
indexint

The index of the element to return.

Returns
TypeDescription
String

The subjectAltNames at the given index.

getSubjectAltNamesBytes(int index)

public ByteString getSubjectAltNamesBytes(int index)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameter
NameDescription
indexint

The index of the value to return.

Returns
TypeDescription
ByteString

The bytes of the subjectAltNames at the given index.

getSubjectAltNamesCount()

public int getSubjectAltNamesCount()

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Returns
TypeDescription
int

The count of subjectAltNames.

getSubjectAltNamesList()

public ProtocolStringList getSubjectAltNamesList()

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Returns
TypeDescription
ProtocolStringList

A list containing the subjectAltNames.

hasAwsV4Authentication()

public boolean hasAwsV4Authentication()

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Returns
TypeDescription
boolean

Whether the awsV4Authentication field is set.

hasClientTlsPolicy()

public boolean hasClientTlsPolicy()

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Returns
TypeDescription
boolean

Whether the clientTlsPolicy field is set.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

mergeAwsV4Authentication(AWSV4Signature value)

public SecuritySettings.Builder mergeAwsV4Authentication(AWSV4Signature value)

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Parameter
NameDescription
valueAWSV4Signature
Returns
TypeDescription
SecuritySettings.Builder

mergeFrom(SecuritySettings other)

public SecuritySettings.Builder mergeFrom(SecuritySettings other)
Parameter
NameDescription
otherSecuritySettings
Returns
TypeDescription
SecuritySettings.Builder

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public SecuritySettings.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
SecuritySettings.Builder
Overrides
Exceptions
TypeDescription
IOException

mergeFrom(Message other)

public SecuritySettings.Builder mergeFrom(Message other)
Parameter
NameDescription
otherMessage
Returns
TypeDescription
SecuritySettings.Builder
Overrides

mergeUnknownFields(UnknownFieldSet unknownFields)

public final SecuritySettings.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
SecuritySettings.Builder
Overrides

setAwsV4Authentication(AWSV4Signature value)

public SecuritySettings.Builder setAwsV4Authentication(AWSV4Signature value)

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Parameter
NameDescription
valueAWSV4Signature
Returns
TypeDescription
SecuritySettings.Builder

setAwsV4Authentication(AWSV4Signature.Builder builderForValue)

public SecuritySettings.Builder setAwsV4Authentication(AWSV4Signature.Builder builderForValue)

The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

optional .google.cloud.compute.v1.AWSV4Signature aws_v4_authentication = 433993111;

Parameter
NameDescription
builderForValueAWSV4Signature.Builder
Returns
TypeDescription
SecuritySettings.Builder

setClientTlsPolicy(String value)

public SecuritySettings.Builder setClientTlsPolicy(String value)

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Parameter
NameDescription
valueString

The clientTlsPolicy to set.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

setClientTlsPolicyBytes(ByteString value)

public SecuritySettings.Builder setClientTlsPolicyBytes(ByteString value)

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted.

optional string client_tls_policy = 462325226;

Parameter
NameDescription
valueByteString

The bytes for clientTlsPolicy to set.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

setField(Descriptors.FieldDescriptor field, Object value)

public SecuritySettings.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
SecuritySettings.Builder
Overrides

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

public SecuritySettings.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
NameDescription
fieldFieldDescriptor
indexint
valueObject
Returns
TypeDescription
SecuritySettings.Builder
Overrides

setSubjectAltNames(int index, String value)

public SecuritySettings.Builder setSubjectAltNames(int index, String value)

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).

repeated string subject_alt_names = 330029535;

Parameters
NameDescription
indexint

The index to set the value at.

valueString

The subjectAltNames to set.

Returns
TypeDescription
SecuritySettings.Builder

This builder for chaining.

setUnknownFields(UnknownFieldSet unknownFields)

public final SecuritySettings.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
SecuritySettings.Builder
Overrides