SecurityPolicyRule(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
Attributes | |
---|---|
Name | Description |
action |
str
The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS
are 403, 404, and 502. - rate_based_ban: limit client
traffic to the configured threshold and ban the client if
the traffic exceeds the threshold. Configure parameters for
this action in RateLimitOptions. Requires rate_limit_options
to be set. - redirect: redirect to a different target. This
can either be an internal reCAPTCHA redirect, or an external
URL-based redirect via a 302 response. Parameters for this
action can be configured via redirectOptions. - throttle:
limit client traffic to the configured threshold. Configure
parameters for this action in rateLimitOptions. Requires
rate_limit_options to be set for this.
This field is a member of oneof _ _action .
|
description |
str
An optional description of this resource. Provide this property when you create the resource. This field is a member of oneof _ _description .
|
header_action |
google.cloud.compute_v1.types.SecurityPolicyRuleHttpHeaderAction
Optional, additional actions that are performed on headers. This field is a member of oneof _ _header_action .
|
kind |
str
[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules This field is a member of oneof _ _kind .
|
match |
google.cloud.compute_v1.types.SecurityPolicyRuleMatcher
A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. This field is a member of oneof _ _match .
|
preconfigured_waf_config |
google.cloud.compute_v1.types.SecurityPolicyRulePreconfiguredWafConfig
Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. This field is a member of oneof _ _preconfigured_waf_config .
|
preview |
bool
If set to true, the specified action is not enforced. This field is a member of oneof _ _preview .
|
priority |
int
An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. This field is a member of oneof _ _priority .
|
rate_limit_options |
google.cloud.compute_v1.types.SecurityPolicyRuleRateLimitOptions
Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. This field is a member of oneof _ _rate_limit_options .
|
redirect_options |
google.cloud.compute_v1.types.SecurityPolicyRuleRedirectOptions
Parameters defining the redirect action. Cannot be specified for any other actions. This field is a member of oneof _ _redirect_options .
|