Class: Google::Apis::AccesscontextmanagerV1beta::ServicePerimeterConfig

Inherits:

Object

• Object
• Google::Apis::AccesscontextmanagerV1beta::ServicePerimeterConfig

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/accesscontextmanager_v1beta/classes.rb,
generated/google/apis/accesscontextmanager_v1beta/representations.rb,
generated/google/apis/accesscontextmanager_v1beta/representations.rb

Overview

ServicePerimeterConfig specifies a set of GCP resources that describe specific Service Perimeter configuration.

Instance Attribute Summary

• #access_levels ⇒ Array<String>

  A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet.

• #resources ⇒ Array<String>

  A list of GCP resources that are inside of the service perimeter.

• #restricted_services ⇒ Array<String>

  GCP services that are subject to the Service Perimeter restrictions.

• #unrestricted_services ⇒ Array<String>

  GCP services that are not subject to the Service Perimeter restrictions.

Instance Method Summary

• #initialize(**args) ⇒ ServicePerimeterConfig constructor

  A new instance of ServicePerimeterConfig.

• #update!(**args) ⇒ Object

  Update properties of this object.

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ ServicePerimeterConfig

Returns a new instance of ServicePerimeterConfig

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 611

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#access_levels ⇒ Array<String>

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty. Corresponds to the JSON property accessLevels

Returns:

• (Array<String>)

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 571

def access_levels
  @access_levels
end

#resources ⇒ Array<String>

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/project_number` Corresponds to the JSON propertyresources`

Returns:

• (Array<String>)

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 577

def resources
  @resources
end

#restricted_services ⇒ Array<String>

GCP services that are subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "". For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Wildcard means that unless explicitly specified by "unrestricted_services" list, any service is treated as restricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "", otherwise the Service Perimeter specification is invalid. It also means that both field being empty is invalid as well. "restricted_services" can be empty if and only if "unrestricted_services" list contains a "*" wildcard. Corresponds to the JSON property restrictedServices

Returns:

• (Array<String>)

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 592

def restricted_services
  @restricted_services
end

#unrestricted_services ⇒ Array<String>

GCP services that are not subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "". For example, if logging.googleapis.com is unrestricted, users can access logs inside the perimeter as if the perimeter doesn't exist, and it also means VMs inside the perimeter can access logs outside the perimeter. The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "", otherwise the Service Perimeter specification is invalid. It also means that both field being empty is invalid as well. "unrestricted_services" can be empty if and only if "restricted_services" list contains a "*" wildcard. Corresponds to the JSON property unrestrictedServices

Returns:

• (Array<String>)

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 609

def unrestricted_services
  @unrestricted_services
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/accesscontextmanager_v1beta/classes.rb', line 616

def update!(**args)
  @access_levels = args[:access_levels] if args.key?(:access_levels)
  @resources = args[:resources] if args.key?(:resources)
  @restricted_services = args[:restricted_services] if args.key?(:restricted_services)
  @unrestricted_services = args[:unrestricted_services] if args.key?(:unrestricted_services)
end