Interface FirewallPolicyRuleOrBuilder (1.64.0)

public interface FirewallPolicyRuleOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getAction()

public abstract String getAction()

The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".

optional string action = 187661878;

Returns
Type Description
String

The action.

getActionBytes()

public abstract ByteString getActionBytes()

The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".

optional string action = 187661878;

Returns
Type Description
ByteString

The bytes for action.

getDescription()

public abstract String getDescription()

An optional description for this resource.

optional string description = 422937596;

Returns
Type Description
String

The description.

getDescriptionBytes()

public abstract ByteString getDescriptionBytes()

An optional description for this resource.

optional string description = 422937596;

Returns
Type Description
ByteString

The bytes for description.

getDirection()

public abstract String getDirection()

The direction in which this rule applies. Check the Direction enum for the list of possible values.

optional string direction = 111150975;

Returns
Type Description
String

The direction.

getDirectionBytes()

public abstract ByteString getDirectionBytes()

The direction in which this rule applies. Check the Direction enum for the list of possible values.

optional string direction = 111150975;

Returns
Type Description
ByteString

The bytes for direction.

getDisabled()

public abstract boolean getDisabled()

Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.

optional bool disabled = 270940796;

Returns
Type Description
boolean

The disabled.

getEnableLogging()

public abstract boolean getEnableLogging()

Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.

optional bool enable_logging = 295396515;

Returns
Type Description
boolean

The enableLogging.

getKind()

public abstract String getKind()

[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.

optional string kind = 3292052;

Returns
Type Description
String

The kind.

getKindBytes()

public abstract ByteString getKindBytes()

[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.

optional string kind = 3292052;

Returns
Type Description
ByteString

The bytes for kind.

getMatch()

public abstract FirewallPolicyRuleMatcher getMatch()

A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.

optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;

Returns
Type Description
FirewallPolicyRuleMatcher

The match.

getMatchOrBuilder()

public abstract FirewallPolicyRuleMatcherOrBuilder getMatchOrBuilder()

A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.

optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;

Returns
Type Description
FirewallPolicyRuleMatcherOrBuilder

getPriority()

public abstract int getPriority()

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.

optional int32 priority = 445151652;

Returns
Type Description
int

The priority.

getRuleName()

public abstract String getRuleName()

An optional name for the rule. This field is not a unique identifier and can be updated.

optional string rule_name = 55286254;

Returns
Type Description
String

The ruleName.

getRuleNameBytes()

public abstract ByteString getRuleNameBytes()

An optional name for the rule. This field is not a unique identifier and can be updated.

optional string rule_name = 55286254;

Returns
Type Description
ByteString

The bytes for ruleName.

getRuleTupleCount()

public abstract int getRuleTupleCount()

[Output Only] Calculation of the complexity of a single firewall policy rule.

optional int32 rule_tuple_count = 388342037;

Returns
Type Description
int

The ruleTupleCount.

getSecurityProfileGroup()

public abstract String getSecurityProfileGroup()

A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.

optional string security_profile_group = 207411626;

Returns
Type Description
String

The securityProfileGroup.

getSecurityProfileGroupBytes()

public abstract ByteString getSecurityProfileGroupBytes()

A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.

optional string security_profile_group = 207411626;

Returns
Type Description
ByteString

The bytes for securityProfileGroup.

getTargetResources(int index)

public abstract String getTargetResources(int index)

A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.

repeated string target_resources = 528230647;

Parameter
Name Description
index int

The index of the element to return.

Returns
Type Description
String

The targetResources at the given index.

getTargetResourcesBytes(int index)

public abstract ByteString getTargetResourcesBytes(int index)

A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.

repeated string target_resources = 528230647;

Parameter
Name Description
index int

The index of the value to return.

Returns
Type Description
ByteString

The bytes of the targetResources at the given index.

getTargetResourcesCount()

public abstract int getTargetResourcesCount()

A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.

repeated string target_resources = 528230647;

Returns
Type Description
int

The count of targetResources.

getTargetResourcesList()

public abstract List<String> getTargetResourcesList()

A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.

repeated string target_resources = 528230647;

Returns
Type Description
List<String>

A list containing the targetResources.

getTargetSecureTags(int index)

public abstract FirewallPolicyRuleSecureTag getTargetSecureTags(int index)

A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.

repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;

Parameter
Name Description
index int
Returns
Type Description
FirewallPolicyRuleSecureTag

getTargetSecureTagsCount()

public abstract int getTargetSecureTagsCount()

A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.

repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;

Returns
Type Description
int

getTargetSecureTagsList()

public abstract List<FirewallPolicyRuleSecureTag> getTargetSecureTagsList()

A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.

repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;

Returns
Type Description
List<FirewallPolicyRuleSecureTag>

getTargetSecureTagsOrBuilder(int index)

public abstract FirewallPolicyRuleSecureTagOrBuilder getTargetSecureTagsOrBuilder(int index)

A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.

repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;

Parameter
Name Description
index int
Returns
Type Description
FirewallPolicyRuleSecureTagOrBuilder

getTargetSecureTagsOrBuilderList()

public abstract List<? extends FirewallPolicyRuleSecureTagOrBuilder> getTargetSecureTagsOrBuilderList()

A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256.

repeated .google.cloud.compute.v1.FirewallPolicyRuleSecureTag target_secure_tags = 468132403;

Returns
Type Description
List<? extends com.google.cloud.compute.v1.FirewallPolicyRuleSecureTagOrBuilder>

getTargetServiceAccounts(int index)

public abstract String getTargetServiceAccounts(int index)

A list of service accounts indicating the sets of instances that are applied with this rule.

repeated string target_service_accounts = 457639710;

Parameter
Name Description
index int

The index of the element to return.

Returns
Type Description
String

The targetServiceAccounts at the given index.

getTargetServiceAccountsBytes(int index)

public abstract ByteString getTargetServiceAccountsBytes(int index)

A list of service accounts indicating the sets of instances that are applied with this rule.

repeated string target_service_accounts = 457639710;

Parameter
Name Description
index int

The index of the value to return.

Returns
Type Description
ByteString

The bytes of the targetServiceAccounts at the given index.

getTargetServiceAccountsCount()

public abstract int getTargetServiceAccountsCount()

A list of service accounts indicating the sets of instances that are applied with this rule.

repeated string target_service_accounts = 457639710;

Returns
Type Description
int

The count of targetServiceAccounts.

getTargetServiceAccountsList()

public abstract List<String> getTargetServiceAccountsList()

A list of service accounts indicating the sets of instances that are applied with this rule.

repeated string target_service_accounts = 457639710;

Returns
Type Description
List<String>

A list containing the targetServiceAccounts.

getTlsInspect()

public abstract boolean getTlsInspect()

Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.

optional bool tls_inspect = 43425488;

Returns
Type Description
boolean

The tlsInspect.

hasAction()

public abstract boolean hasAction()

The Action to perform when the client connection triggers the rule. Valid actions for firewall rules are: "allow", "deny", "apply_security_profile_group" and "goto_next". Valid actions for packet mirroring rules are: "mirror", "do_not_mirror" and "goto_next".

optional string action = 187661878;

Returns
Type Description
boolean

Whether the action field is set.

hasDescription()

public abstract boolean hasDescription()

An optional description for this resource.

optional string description = 422937596;

Returns
Type Description
boolean

Whether the description field is set.

hasDirection()

public abstract boolean hasDirection()

The direction in which this rule applies. Check the Direction enum for the list of possible values.

optional string direction = 111150975;

Returns
Type Description
boolean

Whether the direction field is set.

hasDisabled()

public abstract boolean hasDisabled()

Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.

optional bool disabled = 270940796;

Returns
Type Description
boolean

Whether the disabled field is set.

hasEnableLogging()

public abstract boolean hasEnableLogging()

Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.

optional bool enable_logging = 295396515;

Returns
Type Description
boolean

Whether the enableLogging field is set.

hasKind()

public abstract boolean hasKind()

[Output only] Type of the resource. Returns compute#firewallPolicyRule for firewall rules and compute#packetMirroringRule for packet mirroring rules.

optional string kind = 3292052;

Returns
Type Description
boolean

Whether the kind field is set.

hasMatch()

public abstract boolean hasMatch()

A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.

optional .google.cloud.compute.v1.FirewallPolicyRuleMatcher match = 103668165;

Returns
Type Description
boolean

Whether the match field is set.

hasPriority()

public abstract boolean hasPriority()

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.

optional int32 priority = 445151652;

Returns
Type Description
boolean

Whether the priority field is set.

hasRuleName()

public abstract boolean hasRuleName()

An optional name for the rule. This field is not a unique identifier and can be updated.

optional string rule_name = 55286254;

Returns
Type Description
boolean

Whether the ruleName field is set.

hasRuleTupleCount()

public abstract boolean hasRuleTupleCount()

[Output Only] Calculation of the complexity of a single firewall policy rule.

optional int32 rule_tuple_count = 388342037;

Returns
Type Description
boolean

Whether the ruleTupleCount field is set.

hasSecurityProfileGroup()

public abstract boolean hasSecurityProfileGroup()

A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is one of 'apply_security_profile_group' or 'mirror'. Cannot be specified for other actions.

optional string security_profile_group = 207411626;

Returns
Type Description
boolean

Whether the securityProfileGroup field is set.

hasTlsInspect()

public abstract boolean hasTlsInspect()

Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.

optional bool tls_inspect = 43425488;

Returns
Type Description
boolean

Whether the tlsInspect field is set.