Class SecurityPoliciesClient (1.2.0)

SecurityPoliciesClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.compute_v1.services.security_policies.transports.base.SecurityPoliciesTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)

The SecurityPolicies API.

Properties

transport

Returns the transport used by the client instance.

Returns
TypeDescription
SecurityPoliciesTransportThe transport used by the client instance.

Methods

SecurityPoliciesClient

SecurityPoliciesClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.compute_v1.services.security_policies.transports.base.SecurityPoliciesTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)

Instantiates the security policies client.

Parameters
NameDescription
credentials Optional[google.auth.credentials.Credentials]

The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.

transport Union[str, SecurityPoliciesTransport]

The transport to use. If set to None, a transport is chosen automatically.

client_options google.api_core.client_options.ClientOptions

Custom options for the client. It won't take effect if a transport instance is provided. (1) The api_endpoint property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: "always" (always use the default mTLS endpoint), "never" (always use the default regular endpoint) and "auto" (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, the api_endpoint property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "true", then the client_cert_source property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not set, no client certificate will be used.

client_info google.api_core.gapic_v1.client_info.ClientInfo

The client info used to send a user-agent string along with API requests. If None, then default info will be used. Generally, you only need to set this if you're developing your own client library.

Exceptions
TypeDescription
google.auth.exceptions.MutualTLSChannelErrorIf mutual TLS transport creation failed for any reason.

__exit__

__exit__(type, value, traceback)

Releases underlying transport's resources.

add_rule_unary

add_rule_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.AddRuleSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, security_policy_rule_resource: Optional[google.cloud.compute_v1.types.compute.SecurityPolicyRule] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Inserts a rule into a security policy.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.AddRuleSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.AddRule. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to update. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

security_policy_rule_resource google.cloud.compute_v1.types.SecurityPolicyRule

The body resource for this request This corresponds to the security_policy_rule_resource field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.

aggregated_list

aggregated_list(request: Optional[Union[google.cloud.compute_v1.types.compute.AggregatedListSecurityPoliciesRequest, dict]] = None, *, project: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Retrieves the list of all SecurityPolicy resources, regional and global, available to the specified project.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.AggregatedListSecurityPoliciesRequest, dict]

The request object. A request message for SecurityPolicies.AggregatedList. See the method description for details.

project str

Name of the project scoping this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.services.security_policies.pagers.AggregatedListPagerIterating over this object will yield results and resolve additional pages automatically.

common_billing_account_path

common_billing_account_path(billing_account: str)

Returns a fully-qualified billing_account string.

common_folder_path

common_folder_path(folder: str)

Returns a fully-qualified folder string.

common_location_path

common_location_path(project: str, location: str)

Returns a fully-qualified location string.

common_organization_path

common_organization_path(organization: str)

Returns a fully-qualified organization string.

common_project_path

common_project_path(project: str)

Returns a fully-qualified project string.

delete_unary

delete_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.DeleteSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Deletes the specified policy.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.DeleteSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.Delete. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to delete. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.

from_service_account_file

from_service_account_file(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
NameDescription
filename str

The path to the service account private key json file.

Returns
TypeDescription
SecurityPoliciesClientThe constructed client.

from_service_account_info

from_service_account_info(info: dict, *args, **kwargs)

Creates an instance of this client using the provided credentials info.

Parameter
NameDescription
info dict

The service account private key info.

Returns
TypeDescription
SecurityPoliciesClientThe constructed client.

from_service_account_json

from_service_account_json(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
NameDescription
filename str

The path to the service account private key json file.

Returns
TypeDescription
SecurityPoliciesClientThe constructed client.

get

get(request: Optional[Union[google.cloud.compute_v1.types.compute.GetSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

List all of the ordered rules present in a single specified policy.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.GetSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.Get. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to get. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.SecurityPolicyRepresents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.

get_mtls_endpoint_and_cert_source

get_mtls_endpoint_and_cert_source(
    client_options: Optional[google.api_core.client_options.ClientOptions] = None,
)

Return the API endpoint and client cert source for mutual TLS.

The client cert source is determined in the following order: (1) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not "true", the client cert source is None. (2) if client_options.client_cert_source is provided, use the provided one; if the default client cert source exists, use the default one; otherwise the client cert source is None.

The API endpoint is determined in the following order: (1) if client_options.api_endpoint if provided, use the provided one. (2) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "always", use the default mTLS endpoint; if the environment variabel is "never", use the default API endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise use the default API endpoint.

More details can be found at https://google.aip.dev/auth/4114.

Parameter
NameDescription
client_options google.api_core.client_options.ClientOptions

Custom options for the client. Only the api_endpoint and client_cert_source properties may be used in this method.

Exceptions
TypeDescription
google.auth.exceptions.MutualTLSChannelErrorIf any errors happen.
Returns
TypeDescription
Tuple[str, Callable[[], Tuple[bytes, bytes]]]returns the API endpoint and the client cert source to use.

get_rule

get_rule(request: Optional[Union[google.cloud.compute_v1.types.compute.GetRuleSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Gets a rule at the specified priority.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.GetRuleSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.GetRule. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to which the queried rule belongs. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.SecurityPolicyRuleRepresents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).

insert_unary

insert_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.InsertSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy_resource: Optional[google.cloud.compute_v1.types.compute.SecurityPolicy] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Creates a new policy in the specified project using the data included in the request.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.InsertSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.Insert. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy_resource google.cloud.compute_v1.types.SecurityPolicy

The body resource for this request This corresponds to the security_policy_resource field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.

list

list(request: Optional[Union[google.cloud.compute_v1.types.compute.ListSecurityPoliciesRequest, dict]] = None, *, project: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

List all the policies that have been configured for the specified project.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.ListSecurityPoliciesRequest, dict]

The request object. A request message for SecurityPolicies.List. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.services.security_policies.pagers.ListPagerIterating over this object will yield results and resolve additional pages automatically.

list_preconfigured_expression_sets

list_preconfigured_expression_sets(request: Optional[Union[google.cloud.compute_v1.types.compute.ListPreconfiguredExpressionSetsSecurityPoliciesRequest, dict]] = None, *, project: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.ListPreconfiguredExpressionSetsSecurityPoliciesRequest, dict]

The request object. A request message for SecurityPolicies.ListPreconfiguredExpressionSets. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

parse_common_billing_account_path

parse_common_billing_account_path(path: str)

Parse a billing_account path into its component segments.

parse_common_folder_path

parse_common_folder_path(path: str)

Parse a folder path into its component segments.

parse_common_location_path

parse_common_location_path(path: str)

Parse a location path into its component segments.

parse_common_organization_path

parse_common_organization_path(path: str)

Parse a organization path into its component segments.

parse_common_project_path

parse_common_project_path(path: str)

Parse a project path into its component segments.

patch_rule_unary

patch_rule_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.PatchRuleSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, security_policy_rule_resource: Optional[google.cloud.compute_v1.types.compute.SecurityPolicyRule] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Patches a rule at the specified priority.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.PatchRuleSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.PatchRule. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to update. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

security_policy_rule_resource google.cloud.compute_v1.types.SecurityPolicyRule

The body resource for this request This corresponds to the security_policy_rule_resource field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.

patch_unary

patch_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.PatchSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, security_policy_resource: Optional[google.cloud.compute_v1.types.compute.SecurityPolicy] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.PatchSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.Patch. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to update. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

security_policy_resource google.cloud.compute_v1.types.SecurityPolicy

The body resource for this request This corresponds to the security_policy_resource field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.

remove_rule_unary

remove_rule_unary(request: Optional[Union[google.cloud.compute_v1.types.compute.RemoveRuleSecurityPolicyRequest, dict]] = None, *, project: Optional[str] = None, security_policy: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Deletes a rule at the specified priority.

Parameters
NameDescription
request Union[google.cloud.compute_v1.types.RemoveRuleSecurityPolicyRequest, dict]

The request object. A request message for SecurityPolicies.RemoveRule. See the method description for details.

project str

Project ID for this request. This corresponds to the project field on the request instance; if request is provided, this should not be set.

security_policy str

Name of the security policy to update. This corresponds to the security_policy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
google.cloud.compute_v1.types.OperationRepresents an Operation resource. Google Compute Engine has three Operation resources: \* [Global](/compute/docs/reference/rest/v1/globalOperations) \* [Regional](/compute/docs/reference/rest/v1/regionOperations) \* [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the globalOperations resource. - For regional operations, use the regionOperations resource. - For zonal operations, use the zonalOperations resource. For more information, read Global, Regional, and Zonal Resources.