Rule(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Specification of rules. .. attribute:: sources
Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
:type: Sequence[google.cloud.network_security_v1beta1.types.AuthorizationPolicy.Rule.Source]
Attribute | |
---|---|
Name | Description |
destinations |
Sequence[google.cloud.network_security_v1beta1.types.AuthorizationPolicy.Rule.Destination]
Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination. |
Classes
Destination
Destination(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Specification of traffic destination attributes. .. attribute:: hosts
Required. List of host names to match. Matched against HOST header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.") or a suffix match (example // *.myorg.com") or a presence(any) match "".
:type: Sequence[str]
Source
Source(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Specification of traffic source attributes. .. attribute:: principals
Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/") or a suffix match (example, // */service-account") or a presence match "".
:type: Sequence[str]