Reference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig.
ServicePerimeterConfig
specifies a set of Google Cloud resources that
describe specific Service Perimeter configuration.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#access_levels
def access_levels() -> ::Array<::String>
Returns
-
(::Array<::String>) — A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.
#access_levels=
def access_levels=(value) -> ::Array<::String>
Parameter
-
value (::Array<::String>) — A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.
Returns
-
(::Array<::String>) — A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.
#egress_policies
def egress_policies() -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>
Returns
- (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.
#egress_policies=
def egress_policies=(value) -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>
Parameter
- value (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.
Returns
- (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::EgressPolicy>) — List of [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] to apply to the perimeter. A perimeter may have multiple [EgressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy], each of which is evaluated separately. Access is granted if any [EgressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy] grants it. Must be empty for a perimeter bridge.
#ingress_policies
def ingress_policies() -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>
Returns
- (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.
#ingress_policies=
def ingress_policies=(value) -> ::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>
Parameter
- value (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.
Returns
- (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy>) — List of [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply to the perimeter. A perimeter may have multiple [IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy], each of which is evaluated separately. Access is granted if any [Ingress Policy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] grants it. Must be empty for a perimeter bridge.
#resources
def resources() -> ::Array<::String>
Returns
-
(::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter.
Currently only projects are allowed. Format:
projects/{project_number}
#resources=
def resources=(value) -> ::Array<::String>
Parameter
-
value (::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter.
Currently only projects are allowed. Format:
projects/{project_number}
Returns
-
(::Array<::String>) — A list of Google Cloud resources that are inside of the service perimeter.
Currently only projects are allowed. Format:
projects/{project_number}
#restricted_services
def restricted_services() -> ::Array<::String>
Returns
-
(::Array<::String>) — Google Cloud services that are subject to the Service Perimeter
restrictions. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
#restricted_services=
def restricted_services=(value) -> ::Array<::String>
Parameter
-
value (::Array<::String>) — Google Cloud services that are subject to the Service Perimeter
restrictions. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
Returns
-
(::Array<::String>) — Google Cloud services that are subject to the Service Perimeter
restrictions. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
#vpc_accessible_services
def vpc_accessible_services() -> ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Returns
- (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices) — Configuration for APIs allowed within Perimeter.
#vpc_accessible_services=
def vpc_accessible_services=(value) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Parameter
- value (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices) — Configuration for APIs allowed within Perimeter.
Returns
- (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices) — Configuration for APIs allowed within Perimeter.