Compute V1 Client - Class SecurityPoliciesClient (1.7.1)

Reference documentation and code samples for the Compute V1 Client class SecurityPoliciesClient.

Service Description: The SecurityPolicies API.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:

$securityPoliciesClient = new SecurityPoliciesClient();
try {
    $project = 'project';
    $securityPolicy = 'security_policy';
    $securityPolicyRuleResource = new SecurityPolicyRule();
    $operationResponse = $securityPoliciesClient->addRule($project, $securityPolicy, $securityPolicyRuleResource);
    $operationResponse->pollUntilComplete();
    if ($operationResponse->operationSucceeded()) {
        // if creating/modifying, retrieve the target resource
    } else {
        $error = $operationResponse->getError();
        // handleError($error)
    }
    // Alternatively:
    // start the operation, keep the operation name, and resume later
    $operationResponse = $securityPoliciesClient->addRule($project, $securityPolicy, $securityPolicyRuleResource);
    $operationName = $operationResponse->getName();
    // ... do other work
    $newOperationResponse = $securityPoliciesClient->resumeOperation($operationName, 'addRule');
    while (!$newOperationResponse->isDone()) {
        // ... do other work
        $newOperationResponse->reload();
    }
    if ($newOperationResponse->operationSucceeded()) {
        // if creating/modifying, retrieve the target resource
    } else {
        $error = $newOperationResponse->getError();
        // handleError($error)
    }
} finally {
    $securityPoliciesClient->close();
}

Methods

getOperationsClient

Return an GlobalOperationsClient object with the same endpoint as $this.

Returns
Type	Description
`Google\Cloud\Compute\V1\GlobalOperationsClient`

resumeOperation

Resume an existing long running operation that was previously started by a long running API method. If $methodName is not provided, or does not match a long running API method, then the operation can still be resumed, but the OperationResponse object will not deserialize the final response.

Parameters
Name	Description
`operationName`	`string` The name of the long running operation
`methodName`	`string` The name of the method used to start the operation

Returns
Type	Description
`Google\ApiCore\OperationResponse`

__construct

Constructor.

Parameters
Name	Description
`options`	`array` Optional. Options for configuring the service API wrapper.
`↳ apiEndpoint`	`string` The address of the API remote host. May optionally include the port, formatted as "
`↳ credentials`	`string\|array\|FetchAuthTokenInterface\|CredentialsWrapper` The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored.
`↳ credentialsConfig`	`array` Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() .
`↳ disableRetries`	`bool` Determines whether or not retries defined by the client configuration should be disabled. Defaults to `false`.
`↳ clientConfig`	`string\|array` Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder.
`↳ transport`	`string\|TransportInterface` The transport used for executing network requests. At the moment, supports only `rest`. Advanced usage: Additionally, it is possible to pass in an already instantiated Google\ApiCore\Transport\TransportInterface object. Note that when this object is provided, any settings in $transportConfig, and any $apiEndpoint setting, will be ignored.
`↳ transportConfig`	`array` Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'rest' => [...], ]; See the Google\ApiCore\Transport\RestTransport::build() method for the supported options.
`↳ clientCertSource`	`callable` A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS.

addRule

Inserts a rule into a security policy.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to update.
`securityPolicyRuleResource`	`Google\Cloud\Compute\V1\SecurityPolicyRule` The body resource for this request
`optionalArgs`	`array` Optional.
`↳ validateOnly`	`bool` If true, the request will not be committed.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicyRule;
use Google\Rpc\Status;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to update.
 */
function add_rule_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityPolicyRuleResource = new SecurityPolicyRule();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->addRule(
            $project,
            $securityPolicy,
            $securityPolicyRuleResource
        );
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    add_rule_sample($project, $securityPolicy);
}

aggregatedList

Retrieves the list of all SecurityPolicy resources, regional and global, available to the specified project.

Parameters
Name	Description
`project`	`string` Name of the project scoping this request.
`optionalArgs`	`array` Optional.
`↳ filter`	`string` A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either `=`, `!=`, `>`, `<`, `<=`, `>=` or `:`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. The `:` operator can be used with string fields to match substrings. For non-string fields it is equivalent to the `=` operator. The `:` comparison can be used to test whether a key has been defined. For example, to find all objects with `owner` label use: `labels.owner:` You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: `(scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake")` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: `(cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true)` If you want to use a regular expression, use the `eq` (equal) or `ne` (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples: `fieldname eq unquoted literal` `fieldname eq 'single quoted literal'` `fieldname eq "double quoted literal"` `(fieldname1 eq literal) (fieldname2 ne "literal")` The literal value is interpreted as a regular expression using Google RE2 library syntax. The literal value must match the entire field. For example, to filter for instances that do not end with name "instance", you would use `name ne .*instance`.
`↳ includeAllScopes`	`bool` Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
`↳ maxResults`	`int` The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
`↳ orderBy`	`string` Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
`↳ pageToken`	`string` A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.
`↳ returnPartialSuccess`	`bool` Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\PagedListResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;

/**
 * @param string $project Name of the project scoping this request.
 */
function aggregated_list_sample(string $project): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityPoliciesClient->aggregatedList($project);

        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';

    aggregated_list_sample($project);
}

delete

Deletes the specified policy.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to delete.
`optionalArgs`	`array` Optional.
`↳ requestId`	`string` An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Rpc\Status;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to delete.
 */
function delete_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->delete($project, $securityPolicy);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    delete_sample($project, $securityPolicy);
}

get

List all of the ordered rules present in a single specified policy.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to get.
`optionalArgs`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Compute\V1\SecurityPolicy`

Example

use Google\ApiCore\ApiException;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicy;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to get.
 */
function get_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityPolicy $response */
        $response = $securityPoliciesClient->get($project, $securityPolicy);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    get_sample($project, $securityPolicy);
}

getRule

Gets a rule at the specified priority.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to which the queried rule belongs.
`optionalArgs`	`array` Optional.
`↳ priority`	`int` The priority of the rule to get from the security policy.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Compute\V1\SecurityPolicyRule`

Example

use Google\ApiCore\ApiException;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicyRule;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to which the queried rule belongs.
 */
function get_rule_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityPolicyRule $response */
        $response = $securityPoliciesClient->getRule($project, $securityPolicy);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    get_rule_sample($project, $securityPolicy);
}

insert

Creates a new policy in the specified project using the data included in the request.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicyResource`	`Google\Cloud\Compute\V1\SecurityPolicy` The body resource for this request
`optionalArgs`	`array` Optional.
`↳ requestId`	`string` An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
`↳ validateOnly`	`bool` If true, the request will not be committed.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicy;
use Google\Rpc\Status;

/**
 * @param string $project Project ID for this request.
 */
function insert_sample(string $project): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityPolicyResource = new SecurityPolicy();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->insert($project, $securityPolicyResource);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';

    insert_sample($project);
}

list

List all the policies that have been configured for the specified project.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`optionalArgs`	`array` Optional.
`↳ filter`	`string` A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either `=`, `!=`, `>`, `<`, `<=`, `>=` or `:`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. The `:` operator can be used with string fields to match substrings. For non-string fields it is equivalent to the `=` operator. The `:` comparison can be used to test whether a key has been defined. For example, to find all objects with `owner` label use: `labels.owner:` You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: `(scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake")` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: `(cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true)` If you want to use a regular expression, use the `eq` (equal) or `ne` (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples: `fieldname eq unquoted literal` `fieldname eq 'single quoted literal'` `fieldname eq "double quoted literal"` `(fieldname1 eq literal) (fieldname2 ne "literal")` The literal value is interpreted as a regular expression using Google RE2 library syntax. The literal value must match the entire field. For example, to filter for instances that do not end with name "instance", you would use `name ne .*instance`.
`↳ maxResults`	`int` The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
`↳ orderBy`	`string` Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
`↳ pageToken`	`string` A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.
`↳ returnPartialSuccess`	`bool` Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\PagedListResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;

/**
 * @param string $project Project ID for this request.
 */
function list_sample(string $project): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityPoliciesClient->list($project);

        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';

    list_sample($project);
}

listPreconfiguredExpressionSets

Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`optionalArgs`	`array` Optional.
`↳ filter`	`string` A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either `=`, `!=`, `>`, `<`, `<=`, `>=` or `:`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. The `:` operator can be used with string fields to match substrings. For non-string fields it is equivalent to the `=` operator. The `:` comparison can be used to test whether a key has been defined. For example, to find all objects with `owner` label use: `labels.owner:` You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: `(scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake")` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: `(cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true)` If you want to use a regular expression, use the `eq` (equal) or `ne` (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples: `fieldname eq unquoted literal` `fieldname eq 'single quoted literal'` `fieldname eq "double quoted literal"` `(fieldname1 eq literal) (fieldname2 ne "literal")` The literal value is interpreted as a regular expression using Google RE2 library syntax. The literal value must match the entire field. For example, to filter for instances that do not end with name "instance", you would use `name ne .*instance`.
`↳ maxResults`	`int` The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
`↳ orderBy`	`string` Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
`↳ pageToken`	`string` Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
`↳ returnPartialSuccess`	`bool` Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Compute\V1\SecurityPoliciesListPreconfiguredExpressionSetsResponse`

Example

use Google\ApiCore\ApiException;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPoliciesListPreconfiguredExpressionSetsResponse;

/**
 * @param string $project Project ID for this request.
 */
function list_preconfigured_expression_sets_sample(string $project): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityPoliciesListPreconfiguredExpressionSetsResponse $response */
        $response = $securityPoliciesClient->listPreconfiguredExpressionSets($project);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';

    list_preconfigured_expression_sets_sample($project);
}

patch

Patches the specified policy with the data included in the request. To clear fields in the rule, leave the fields empty and specify them in the updateMask. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to update.
`securityPolicyResource`	`Google\Cloud\Compute\V1\SecurityPolicy` The body resource for this request
`optionalArgs`	`array` Optional.
`↳ requestId`	`string` An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicy;
use Google\Rpc\Status;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to update.
 */
function patch_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityPolicyResource = new SecurityPolicy();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->patch($project, $securityPolicy, $securityPolicyResource);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    patch_sample($project, $securityPolicy);
}

patchRule

Patches a rule at the specified priority.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to update.
`securityPolicyRuleResource`	`Google\Cloud\Compute\V1\SecurityPolicyRule` The body resource for this request
`optionalArgs`	`array` Optional.
`↳ priority`	`int` The priority of the rule to patch.
`↳ validateOnly`	`bool` If true, the request will not be committed.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Cloud\Compute\V1\SecurityPolicyRule;
use Google\Rpc\Status;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to update.
 */
function patch_rule_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityPolicyRuleResource = new SecurityPolicyRule();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->patchRule(
            $project,
            $securityPolicy,
            $securityPolicyRuleResource
        );
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    patch_rule_sample($project, $securityPolicy);
}

removeRule

Deletes a rule at the specified priority.

Parameters
Name	Description
`project`	`string` Project ID for this request.
`securityPolicy`	`string` Name of the security policy to update.
`optionalArgs`	`array` Optional.
`↳ priority`	`int` The priority of the rule to remove from the security policy.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Rpc\Status;

/**
 * @param string $project        Project ID for this request.
 * @param string $securityPolicy Name of the security policy to update.
 */
function remove_rule_sample(string $project, string $securityPolicy): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->removeRule($project, $securityPolicy);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $securityPolicy = '[SECURITY_POLICY]';

    remove_rule_sample($project, $securityPolicy);
}

setLabels

Sets the labels on a security policy. To learn more about labels, read the Labeling Resources documentation.

Parameters
Name	Description
`globalSetLabelsRequestResource`	`Google\Cloud\Compute\V1\GlobalSetLabelsRequest` The body resource for this request
`project`	`string` Project ID for this request.
`resource`	`string` Name or id of the resource for this request.
`optionalArgs`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\OperationResponse`

Example

use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\Compute\V1\GlobalSetLabelsRequest;
use Google\Cloud\Compute\V1\SecurityPoliciesClient;
use Google\Rpc\Status;

/**
 * @param string $project  Project ID for this request.
 * @param string $resource Name or id of the resource for this request.
 */
function set_labels_sample(string $project, string $resource): void
{
    // Create a client.
    $securityPoliciesClient = new SecurityPoliciesClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $globalSetLabelsRequestResource = new GlobalSetLabelsRequest();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityPoliciesClient->setLabels(
            $globalSetLabelsRequestResource,
            $project,
            $resource
        );
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            printf('Operation completed successfully.' . PHP_EOL);
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $project = '[PROJECT]';
    $resource = '[RESOURCE]';

    set_labels_sample($project, $resource);
}

Constants

SERVICE_NAME

Value: 'google.cloud.compute.v1.SecurityPolicies'

The name of the service.

SERVICE_ADDRESS

Value: 'compute.googleapis.com'

The default address of the service.

DEFAULT_SERVICE_PORT

Value: 443

The default port of the service.

CODEGEN_NAME

Value: 'gapic'

The name of the code generator, to be included in the agent header.