Class: Google::Cloud::NetworkSecurity::V1beta1::ServerTlsPolicy

Inherits:

Object

• Object
• Google::Cloud::NetworkSecurity::V1beta1::ServerTlsPolicy

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb

Overview

ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect configuration unless it is attached to a target https proxy or endpoint config selector resource.

Defined Under Namespace

Classes: LabelsEntry, MTLSPolicy

Instance Attribute Summary

• #allow_open ⇒ ::Boolean

  Determines if server allows plaintext connections.

• #create_time ⇒ ::Google::Protobuf::Timestamp readonly

  Output only.

• #description ⇒ ::String

  Free-text description of the resource.

• #labels ⇒ ::Google::Protobuf::Map{::String => ::String}

  Set of label tags associated with the resource.

• #mtls_policy ⇒ ::Google::Cloud::NetworkSecurity::V1beta1::ServerTlsPolicy::MTLSPolicy

  Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS).

• #name ⇒ ::String

  Required.

• #server_certificate ⇒ ::Google::Cloud::NetworkSecurity::V1beta1::CertificateProvider

  Defines a mechanism to provision server identity (public and private keys).

• #update_time ⇒ ::Google::Protobuf::Timestamp readonly

  Output only.

Instance Attribute Details

#allow_open ⇒ ::Boolean

Returns Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allow_open and mtls_policy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.

Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

Returns:

• (::Boolean) —

  Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allow_open and mtls_policy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.

  Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#create_time ⇒ ::Google::Protobuf::Timestamp (readonly)

Returns Output only. The timestamp when the resource was created.

Returns:

• (::Google::Protobuf::Timestamp) —

  Output only. The timestamp when the resource was created.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#description ⇒ ::String

Returns Free-text description of the resource.

Returns:

• (::String) —

  Free-text description of the resource.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#labels ⇒ ::Google::Protobuf::Map{::String => ::String}

Returns Set of label tags associated with the resource.

Returns:

• (::Google::Protobuf::Map{::String => ::String}) —

  Set of label tags associated with the resource.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#mtls_policy ⇒ ::Google::Cloud::NetworkSecurity::V1beta1::ServerTlsPolicy::MTLSPolicy

Returns Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allow_open and mtls_policy are set, server allows both plain text and mTLS connections.

Returns:

• (::Google::Cloud::NetworkSecurity::V1beta1::ServerTlsPolicy::MTLSPolicy) —

  Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allow_open and mtls_policy are set, server allows both plain text and mTLS connections.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#name ⇒ ::String

Returns Required. Name of the ServerTlsPolicy resource. It matches the pattern projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}.

Returns:

• (::String) —

  Required. Name of the ServerTlsPolicy resource. It matches the pattern projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#server_certificate ⇒ ::Google::Cloud::NetworkSecurity::V1beta1::CertificateProvider

Returns Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allow_open as a permissive mode that allows both plain text and TLS is not supported.

Returns:

• (::Google::Cloud::NetworkSecurity::V1beta1::CertificateProvider) —

  Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allow_open as a permissive mode that allows both plain text and TLS is not supported.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#update_time ⇒ ::Google::Protobuf::Timestamp (readonly)

Returns Output only. The timestamp when the resource was updated.

Returns:

• (::Google::Protobuf::Timestamp) —

  Output only. The timestamp when the resource was updated.

# File 'proto_docs/google/cloud/networksecurity/v1beta1/server_tls_policy.rb', line 66

class ServerTlsPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Specification of the MTLSPolicy.
  # @!attribute [rw] client_validation_ca
  #   @return [::Array<::Google::Cloud::NetworkSecurity::V1beta1::ValidationCA>]
  #     Defines the mechanism to obtain the Certificate Authority certificate to
  #     validate the client certificate.
  class MTLSPolicy
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end