Class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressPolicy

Inherits:

Object

• Object
• Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressPolicy

Includes:

Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:

lib/google/apis/cloudasset_v1/classes.rb,
lib/google/apis/cloudasset_v1/representations.rb,
lib/google/apis/cloudasset_v1/representations.rb

Overview

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on ingress_from and ingress_to stanzas. For an ingress policy to match, both the ingress_from and ingress_to stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the ingress_to field.

Instance Attribute Summary

• #ingress_from ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressFrom

  Defines the conditions under which an IngressPolicy matches a request.

• #ingress_to ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressTo

  Defines the conditions under which an IngressPolicy matches a request.

• #title ⇒ String

  Optional.

Instance Method Summary

• #initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1IngressPolicy constructor

  A new instance of GoogleIdentityAccesscontextmanagerV1IngressPolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1IngressPolicy

Returns a new instance of GoogleIdentityAccesscontextmanagerV1IngressPolicy.

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3428

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#ingress_from ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressFrom

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in sources AND identity related fields in order to match. Corresponds to the JSON property ingressFrom

Returns:

• (Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressFrom)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3410

def ingress_from
  @ingress_from
end

#ingress_to ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressTo

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in operations AND resources in order to match. Corresponds to the JSON property ingressTo

Returns:

• (Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1IngressTo)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3418

def ingress_to
  @ingress_to
end

#title ⇒ String

Optional. Human-readable title for the ingress rule. The title must be unique within the perimeter and can not exceed 100 characters. Within the access policy, the combined length of all rule titles must not exceed 240,000 characters. Corresponds to the JSON property title

Returns:

• (String)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3426

def title
  @title
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3433

def update!(**args)
  @ingress_from = args[:ingress_from] if args.key?(:ingress_from)
  @ingress_to = args[:ingress_to] if args.key?(:ingress_to)
  @title = args[:title] if args.key?(:title)
end