public final class ServicePerimeter extends GeneratedMessageV3 implements ServicePerimeterOrBuilder
ServicePerimeter
describes a set of Google Cloud resources which can freely
import and export data amongst themselves, but not export outside of the
ServicePerimeter
. If a request with a source within this ServicePerimeter
has a target outside of the ServicePerimeter
, the request will be blocked.
Otherwise the request is allowed. There are two types of Service Perimeter -
Regular and Bridge. Regular Service Perimeters cannot overlap, a single
Google Cloud project can only belong to a single regular Service Perimeter.
Service Perimeter Bridges can contain only Google Cloud projects as members,
a single Google Cloud project may belong to multiple Service Perimeter
Bridges.
Protobuf type google.identity.accesscontextmanager.v1.ServicePerimeter
Inherited Members
com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT)
Static Fields
CREATE_TIME_FIELD_NUMBER
public static final int CREATE_TIME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
DESCRIPTION_FIELD_NUMBER
public static final int DESCRIPTION_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
NAME_FIELD_NUMBER
public static final int NAME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
PERIMETER_TYPE_FIELD_NUMBER
public static final int PERIMETER_TYPE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
SPEC_FIELD_NUMBER
public static final int SPEC_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
STATUS_FIELD_NUMBER
public static final int STATUS_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
TITLE_FIELD_NUMBER
public static final int TITLE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
UPDATE_TIME_FIELD_NUMBER
public static final int UPDATE_TIME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
USE_EXPLICIT_DRY_RUN_SPEC_FIELD_NUMBER
public static final int USE_EXPLICIT_DRY_RUN_SPEC_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
Static Methods
getDefaultInstance()
public static ServicePerimeter getDefaultInstance()
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
newBuilder()
public static ServicePerimeter.Builder newBuilder()
newBuilder(ServicePerimeter prototype)
public static ServicePerimeter.Builder newBuilder(ServicePerimeter prototype)
parseDelimitedFrom(InputStream input)
public static ServicePerimeter parseDelimitedFrom(InputStream input)
parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(byte[] data)
public static ServicePerimeter parseFrom(byte[] data)
Parameter |
---|
Name | Description |
data | byte[]
|
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteString data)
public static ServicePerimeter parseFrom(ByteString data)
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
parseFrom(CodedInputStream input)
public static ServicePerimeter parseFrom(CodedInputStream input)
parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(InputStream input)
public static ServicePerimeter parseFrom(InputStream input)
parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteBuffer data)
public static ServicePerimeter parseFrom(ByteBuffer data)
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static ServicePerimeter parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
parser()
public static Parser<ServicePerimeter> parser()
Methods
equals(Object obj)
public boolean equals(Object obj)
Parameter |
---|
Name | Description |
obj | Object
|
Overrides
getCreateTime()
public Timestamp getCreateTime()
Output only. Time the ServicePerimeter
was created in UTC.
.google.protobuf.Timestamp create_time = 4;
Returns |
---|
Type | Description |
Timestamp | The createTime.
|
getCreateTimeOrBuilder()
public TimestampOrBuilder getCreateTimeOrBuilder()
Output only. Time the ServicePerimeter
was created in UTC.
.google.protobuf.Timestamp create_time = 4;
getDefaultInstanceForType()
public ServicePerimeter getDefaultInstanceForType()
getDescription()
public String getDescription()
Description of the ServicePerimeter
and its use. Does not affect
behavior.
string description = 3;
Returns |
---|
Type | Description |
String | The description.
|
getDescriptionBytes()
public ByteString getDescriptionBytes()
Description of the ServicePerimeter
and its use. Does not affect
behavior.
string description = 3;
Returns |
---|
Type | Description |
ByteString | The bytes for description.
|
getName()
Required. Resource name for the ServicePerimeter. The short_name
component must begin with a letter and only include alphanumeric and '_'.
Format:
accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
string name = 1;
Returns |
---|
Type | Description |
String | The name.
|
getNameBytes()
public ByteString getNameBytes()
Required. Resource name for the ServicePerimeter. The short_name
component must begin with a letter and only include alphanumeric and '_'.
Format:
accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
string name = 1;
Returns |
---|
Type | Description |
ByteString | The bytes for name.
|
getParserForType()
public Parser<ServicePerimeter> getParserForType()
Overrides
getPerimeterType()
public ServicePerimeter.PerimeterType getPerimeterType()
Perimeter type indicator. A single project is
allowed to be a member of single regular perimeter, but multiple service
perimeter bridges. A project cannot be a included in a perimeter bridge
without being included in regular perimeter. For perimeter bridges,
the restricted service list as well as access level lists must be
empty.
.google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType perimeter_type = 6;
getPerimeterTypeValue()
public int getPerimeterTypeValue()
Perimeter type indicator. A single project is
allowed to be a member of single regular perimeter, but multiple service
perimeter bridges. A project cannot be a included in a perimeter bridge
without being included in regular perimeter. For perimeter bridges,
the restricted service list as well as access level lists must be
empty.
.google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType perimeter_type = 6;
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for perimeterType.
|
getSerializedSize()
public int getSerializedSize()
Returns |
---|
Type | Description |
int | |
Overrides
getSpec()
public ServicePerimeterConfig getSpec()
Proposed (or dry run) ServicePerimeter configuration. This configuration
allows to specify and test ServicePerimeter configuration without enforcing
actual access restrictions. Only allowed to be set when the
"use_explicit_dry_run_spec" flag is set.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig spec = 8;
getSpecOrBuilder()
public ServicePerimeterConfigOrBuilder getSpecOrBuilder()
Proposed (or dry run) ServicePerimeter configuration. This configuration
allows to specify and test ServicePerimeter configuration without enforcing
actual access restrictions. Only allowed to be set when the
"use_explicit_dry_run_spec" flag is set.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig spec = 8;
getStatus()
public ServicePerimeterConfig getStatus()
Current ServicePerimeter configuration. Specifies sets of resources,
restricted services and access levels that determine perimeter
content and boundaries.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig status = 7;
getStatusOrBuilder()
public ServicePerimeterConfigOrBuilder getStatusOrBuilder()
Current ServicePerimeter configuration. Specifies sets of resources,
restricted services and access levels that determine perimeter
content and boundaries.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig status = 7;
getTitle()
Human readable title. Must be unique within the Policy.
string title = 2;
Returns |
---|
Type | Description |
String | The title.
|
getTitleBytes()
public ByteString getTitleBytes()
Human readable title. Must be unique within the Policy.
string title = 2;
Returns |
---|
Type | Description |
ByteString | The bytes for title.
|
getUnknownFields()
public final UnknownFieldSet getUnknownFields()
Overrides
getUpdateTime()
public Timestamp getUpdateTime()
Output only. Time the ServicePerimeter
was updated in UTC.
.google.protobuf.Timestamp update_time = 5;
Returns |
---|
Type | Description |
Timestamp | The updateTime.
|
getUpdateTimeOrBuilder()
public TimestampOrBuilder getUpdateTimeOrBuilder()
Output only. Time the ServicePerimeter
was updated in UTC.
.google.protobuf.Timestamp update_time = 5;
getUseExplicitDryRunSpec()
public boolean getUseExplicitDryRunSpec()
Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly
exists for all Service Perimeters, and that spec is identical to the
status for those Service Perimeters. When this flag is set, it inhibits the
generation of the implicit spec, thereby allowing the user to explicitly
provide a configuration ("spec") to use in a dry-run version of the Service
Perimeter. This allows the user to test changes to the enforced config
("status") without actually enforcing them. This testing is done through
analyzing the differences between currently enforced and suggested
restrictions. use_explicit_dry_run_spec must bet set to True if any of the
fields in the spec are set to non-default values.
bool use_explicit_dry_run_spec = 9;
Returns |
---|
Type | Description |
boolean | The useExplicitDryRunSpec.
|
hasCreateTime()
public boolean hasCreateTime()
Output only. Time the ServicePerimeter
was created in UTC.
.google.protobuf.Timestamp create_time = 4;
Returns |
---|
Type | Description |
boolean | Whether the createTime field is set.
|
hasSpec()
Proposed (or dry run) ServicePerimeter configuration. This configuration
allows to specify and test ServicePerimeter configuration without enforcing
actual access restrictions. Only allowed to be set when the
"use_explicit_dry_run_spec" flag is set.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig spec = 8;
Returns |
---|
Type | Description |
boolean | Whether the spec field is set.
|
hasStatus()
public boolean hasStatus()
Current ServicePerimeter configuration. Specifies sets of resources,
restricted services and access levels that determine perimeter
content and boundaries.
.google.identity.accesscontextmanager.v1.ServicePerimeterConfig status = 7;
Returns |
---|
Type | Description |
boolean | Whether the status field is set.
|
hasUpdateTime()
public boolean hasUpdateTime()
Output only. Time the ServicePerimeter
was updated in UTC.
.google.protobuf.Timestamp update_time = 5;
Returns |
---|
Type | Description |
boolean | Whether the updateTime field is set.
|
hashCode()
Returns |
---|
Type | Description |
int | |
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Overrides
isInitialized()
public final boolean isInitialized()
Overrides
newBuilderForType()
public ServicePerimeter.Builder newBuilderForType()
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected ServicePerimeter.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Overrides
toBuilder()
public ServicePerimeter.Builder toBuilder()
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Overrides