- 1.64.0 (latest)
- 1.63.0
- 1.62.0
- 1.61.0
- 1.59.0
- 1.58.0
- 1.57.0
- 1.56.0
- 1.55.0
- 1.54.0
- 1.53.0
- 1.52.0
- 1.51.0
- 1.50.0
- 1.49.0
- 1.47.0
- 1.46.0
- 1.45.0
- 1.44.0
- 1.43.0
- 1.42.0
- 1.41.0
- 1.40.0
- 1.39.0
- 1.38.0
- 1.37.0
- 1.34.0
- 1.33.0
- 1.32.0
- 1.31.0
- 1.30.0
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.0
- 1.25.0
- 1.24.0
- 1.23.0
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.0
- 1.18.0
- 1.17.0
- 1.16.0
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.1
- 1.11.0
- 1.9.1
- 1.8.1
- 1.7.2
- 1.6.0-beta
public interface FirewallPolicyRuleOrBuilder extends MessageOrBuilder
Implements
MessageOrBuilderMethods
getAction()
public abstract String getAction()
The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".
optional string action = 187661878;
Returns | |
---|---|
Type | Description |
String |
The action. |
getActionBytes()
public abstract ByteString getActionBytes()
The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".
optional string action = 187661878;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for action. |
getDescription()
public abstract String getDescription()
An optional description for this resource.
optional string description = 422937596;
Returns | |
---|---|
Type | Description |
String |
The description. |
getDescriptionBytes()
public abstract ByteString getDescriptionBytes()
An optional description for this resource.
optional string description = 422937596;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for description. |
getDirection()
public abstract String getDirection()
The direction in which this rule applies. Check the Direction enum for the list of possible values.
optional string direction = 111150975;
Returns | |
---|---|
Type | Description |
String |
The direction. |
getDirectionBytes()
public abstract ByteString getDirectionBytes()
The direction in which this rule applies. Check the Direction enum for the list of possible values.
optional string direction = 111150975;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for direction. |
getDisabled()
public abstract boolean getDisabled()
Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.
optional bool disabled = 270940796;
Returns | |
---|---|
Type | Description |
boolean |
The disabled. |
getEnableLogging()
public abstract boolean getEnableLogging()
Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
optional bool enable_logging = 295396515;
Returns | |
---|---|
Type | Description |
boolean |
The enableLogging. |
getKind()
public abstract String getKind()
[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.
optional string kind = 3292052;
Returns | |
---|---|
Type | Description |
String |
The kind. |
getKindBytes()
public abstract ByteString getKindBytes()
[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.
optional string kind = 3292052;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for kind. |
getMatch()
public abstract FirewallPolicyRuleMatcher getMatch()
A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;
Returns | |
---|---|
Type | Description |
FirewallPolicyRuleMatcher |
The match. |
getMatchOrBuilder()
public abstract FirewallPolicyRuleMatcherOrBuilder getMatchOrBuilder()
A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;
Returns | |
---|---|
Type | Description |
FirewallPolicyRuleMatcherOrBuilder |
getPriority()
public abstract int getPriority()
An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
optional int32 priority = 445151652;
Returns | |
---|---|
Type | Description |
int |
The priority. |
getRuleName()
public abstract String getRuleName()
An optional name for the rule. This field is not a unique identifier and can be updated.
optional string rule_name = 55286254;
Returns | |
---|---|
Type | Description |
String |
The ruleName. |
getRuleNameBytes()
public abstract ByteString getRuleNameBytes()
An optional name for the rule. This field is not a unique identifier and can be updated.
optional string rule_name = 55286254;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for ruleName. |
getRuleTupleCount()
public abstract int getRuleTupleCount()
[Output Only] Calculation of the complexity of a single firewall policy rule.
optional int32 rule_tuple_count = 388342037;
Returns | |
---|---|
Type | Description |
int |
The ruleTupleCount. |
getSecurityProfileGroup()
public abstract String getSecurityProfileGroup()
A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.
optional string security_profile_group = 207411626;
Returns | |
---|---|
Type | Description |
String |
The securityProfileGroup. |
getSecurityProfileGroupBytes()
public abstract ByteString getSecurityProfileGroupBytes()
A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.
optional string security_profile_group = 207411626;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for securityProfileGroup. |
getTargetResources(int index)
public abstract String getTargetResources(int index)
A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
repeated string target_resources = 528230647;
Parameter | |
---|---|
Name | Description |
index |
int The index of the element to return. |
Returns | |
---|---|
Type | Description |
String |
The targetResources at the given index. |
getTargetResourcesBytes(int index)
public abstract ByteString getTargetResourcesBytes(int index)
A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
repeated string target_resources = 528230647;
Parameter | |
---|---|
Name | Description |
index |
int The index of the value to return. |
Returns | |
---|---|
Type | Description |
ByteString |
The bytes of the targetResources at the given index. |
getTargetResourcesCount()
public abstract int getTargetResourcesCount()
A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
repeated string target_resources = 528230647;
Returns | |
---|---|
Type | Description |
int |
The count of targetResources. |
getTargetResourcesList()
public abstract List<String> getTargetResourcesList()
A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
repeated string target_resources = 528230647;
Returns | |
---|---|
Type | Description |
List<String> |
A list containing the targetResources. |
getTargetSecureTags(int index)
public abstract FirewallPolicyRuleSecureTag getTargetSecureTags(int index)
A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.
repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;
Parameter | |
---|---|
Name | Description |
index |
int |
Returns | |
---|---|
Type | Description |
FirewallPolicyRuleSecureTag |
getTargetSecureTagsCount()
public abstract int getTargetSecureTagsCount()
A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.
repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;
Returns | |
---|---|
Type | Description |
int |
getTargetSecureTagsList()
public abstract List<FirewallPolicyRuleSecureTag> getTargetSecureTagsList()
A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.
repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;
Returns | |
---|---|
Type | Description |
List<FirewallPolicyRuleSecureTag> |
getTargetSecureTagsOrBuilder(int index)
public abstract FirewallPolicyRuleSecureTagOrBuilder getTargetSecureTagsOrBuilder(int index)
A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.
repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;
Parameter | |
---|---|
Name | Description |
index |
int |
Returns | |
---|---|
Type | Description |
FirewallPolicyRuleSecureTagOrBuilder |
getTargetSecureTagsOrBuilderList()
public abstract List<? extends FirewallPolicyRuleSecureTagOrBuilder> getTargetSecureTagsOrBuilderList()
A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.
repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;
Returns | |
---|---|
Type | Description |
List<? extends com.google.cloud.compute.v1.FirewallPolicyRuleSecureTagOrBuilder> |
getTargetServiceAccounts(int index)
public abstract String getTargetServiceAccounts(int index)
A list of service accounts indicating the sets of instances that are applied with this rule.
repeated string target_service_accounts = 457639710;
Parameter | |
---|---|
Name | Description |
index |
int The index of the element to return. |
Returns | |
---|---|
Type | Description |
String |
The targetServiceAccounts at the given index. |
getTargetServiceAccountsBytes(int index)
public abstract ByteString getTargetServiceAccountsBytes(int index)
A list of service accounts indicating the sets of instances that are applied with this rule.
repeated string target_service_accounts = 457639710;
Parameter | |
---|---|
Name | Description |
index |
int The index of the value to return. |
Returns | |
---|---|
Type | Description |
ByteString |
The bytes of the targetServiceAccounts at the given index. |
getTargetServiceAccountsCount()
public abstract int getTargetServiceAccountsCount()
A list of service accounts indicating the sets of instances that are applied with this rule.
repeated string target_service_accounts = 457639710;
Returns | |
---|---|
Type | Description |
int |
The count of targetServiceAccounts. |
getTargetServiceAccountsList()
public abstract List<String> getTargetServiceAccountsList()
A list of service accounts indicating the sets of instances that are applied with this rule.
repeated string target_service_accounts = 457639710;
Returns | |
---|---|
Type | Description |
List<String> |
A list containing the targetServiceAccounts. |
getTlsInspect()
public abstract boolean getTlsInspect()
Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.
optional bool tls_inspect = 43425488;
Returns | |
---|---|
Type | Description |
boolean |
The tlsInspect. |
hasAction()
public abstract boolean hasAction()
The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".
optional string action = 187661878;
Returns | |
---|---|
Type | Description |
boolean |
Whether the action field is set. |
hasDescription()
public abstract boolean hasDescription()
An optional description for this resource.
optional string description = 422937596;
Returns | |
---|---|
Type | Description |
boolean |
Whether the description field is set. |
hasDirection()
public abstract boolean hasDirection()
The direction in which this rule applies. Check the Direction enum for the list of possible values.
optional string direction = 111150975;
Returns | |
---|---|
Type | Description |
boolean |
Whether the direction field is set. |
hasDisabled()
public abstract boolean hasDisabled()
Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.
optional bool disabled = 270940796;
Returns | |
---|---|
Type | Description |
boolean |
Whether the disabled field is set. |
hasEnableLogging()
public abstract boolean hasEnableLogging()
Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
optional bool enable_logging = 295396515;
Returns | |
---|---|
Type | Description |
boolean |
Whether the enableLogging field is set. |
hasKind()
public abstract boolean hasKind()
[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.
optional string kind = 3292052;
Returns | |
---|---|
Type | Description |
boolean |
Whether the kind field is set. |
hasMatch()
public abstract boolean hasMatch()
A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;
Returns | |
---|---|
Type | Description |
boolean |
Whether the match field is set. |
hasPriority()
public abstract boolean hasPriority()
An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
optional int32 priority = 445151652;
Returns | |
---|---|
Type | Description |
boolean |
Whether the priority field is set. |
hasRuleName()
public abstract boolean hasRuleName()
An optional name for the rule. This field is not a unique identifier and can be updated.
optional string rule_name = 55286254;
Returns | |
---|---|
Type | Description |
boolean |
Whether the ruleName field is set. |
hasRuleTupleCount()
public abstract boolean hasRuleTupleCount()
[Output Only] Calculation of the complexity of a single firewall policy rule.
optional int32 rule_tuple_count = 388342037;
Returns | |
---|---|
Type | Description |
boolean |
Whether the ruleTupleCount field is set. |
hasSecurityProfileGroup()
public abstract boolean hasSecurityProfileGroup()
A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.
optional string security_profile_group = 207411626;
Returns | |
---|---|
Type | Description |
boolean |
Whether the securityProfileGroup field is set. |
hasTlsInspect()
public abstract boolean hasTlsInspect()
Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.
optional bool tls_inspect = 43425488;
Returns | |
---|---|
Type | Description |
boolean |
Whether the tlsInspect field is set. |