Class: Google::Identity::AccessContextManager::V1::ServicePerimeterConfig
- Inherits:
-
Object
- Object
- Google::Identity::AccessContextManager::V1::ServicePerimeterConfig
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb
Overview
ServicePerimeterConfig
specifies a set of Google Cloud resources that
describe specific Service Perimeter configuration.
Defined Under Namespace
Classes: VpcAccessibleServices
Instance Attribute Summary collapse
-
#access_levels ⇒ ::Array<::String>
A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet. -
#resources ⇒ ::Array<::String>
A list of Google Cloud resources that are inside of the service perimeter.
-
#restricted_services ⇒ ::Array<::String>
Google Cloud services that are subject to the Service Perimeter restrictions.
-
#vpc_accessible_services ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Configuration for APIs allowed within Perimeter.
Instance Attribute Details
#access_levels ⇒ ::Array<::String>
Returns A list of AccessLevel
resource names that allow resources within the
ServicePerimeter
to be accessed from the internet. AccessLevels
listed
must be in the same policy as this ServicePerimeter
. Referencing a
nonexistent AccessLevel
is a syntax error. If no AccessLevel
names are
listed, resources within the perimeter can only be accessed via Google
Cloud calls with request origins within the perimeter. Example:
"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
.
For Service Perimeter Bridge, must be empty.
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 |
# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 136 class ServicePerimeterConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Specifies how APIs are allowed to communicate within the Service # Perimeter. # @!attribute [rw] enable_restriction # @return [::Boolean] # Whether to restrict API calls within the Service Perimeter to the list of # APIs specified in 'allowed_services'. # @!attribute [rw] allowed_services # @return [::Array<::String>] # The list of APIs usable within the Service Perimeter. Must be empty # unless 'enable_restriction' is True. class VpcAccessibleServices include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#resources ⇒ ::Array<::String>
Returns A list of Google Cloud resources that are inside of the service perimeter.
Currently only projects are allowed. Format: projects/{project_number}
.
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 |
# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 136 class ServicePerimeterConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Specifies how APIs are allowed to communicate within the Service # Perimeter. # @!attribute [rw] enable_restriction # @return [::Boolean] # Whether to restrict API calls within the Service Perimeter to the list of # APIs specified in 'allowed_services'. # @!attribute [rw] allowed_services # @return [::Array<::String>] # The list of APIs usable within the Service Perimeter. Must be empty # unless 'enable_restriction' is True. class VpcAccessibleServices include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#restricted_services ⇒ ::Array<::String>
Returns Google Cloud services that are subject to the Service Perimeter
restrictions. For example, if storage.googleapis.com
is specified, access
to the storage buckets inside the perimeter must meet the perimeter's
access restrictions.
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 |
# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 136 class ServicePerimeterConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Specifies how APIs are allowed to communicate within the Service # Perimeter. # @!attribute [rw] enable_restriction # @return [::Boolean] # Whether to restrict API calls within the Service Perimeter to the list of # APIs specified in 'allowed_services'. # @!attribute [rw] allowed_services # @return [::Array<::String>] # The list of APIs usable within the Service Perimeter. Must be empty # unless 'enable_restriction' is True. class VpcAccessibleServices include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#vpc_accessible_services ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::VpcAccessibleServices
Returns Configuration for APIs allowed within Perimeter.
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 |
# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 136 class ServicePerimeterConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Specifies how APIs are allowed to communicate within the Service # Perimeter. # @!attribute [rw] enable_restriction # @return [::Boolean] # Whether to restrict API calls within the Service Perimeter to the list of # APIs specified in 'allowed_services'. # @!attribute [rw] allowed_services # @return [::Array<::String>] # The list of APIs usable within the Service Perimeter. Must be empty # unless 'enable_restriction' is True. class VpcAccessibleServices include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |