Class: Google::Apis::ComputeAlpha::SecurityPolicyRule

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/compute_alpha/classes.rb,
lib/google/apis/compute_alpha/representations.rb,
lib/google/apis/compute_alpha/representations.rb

Overview

Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ SecurityPolicyRule

Returns a new instance of SecurityPolicyRule.



37794
37795
37796
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37794

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#actionString

The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(): deny access to target, returns the HTTP response code specified (valid values are 403, 404, and 502).

  • rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. Corresponds to the JSON property action

Returns:

  • (String) 


37689
37690
37691
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37689

def action
  @action
end

#descriptionString

An optional description of this resource. Provide this property when you create the resource. Corresponds to the JSON property description

Returns:

  • (String) 


37695
37696
37697
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37695

def description
  @description
end

#directionString

The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL. Corresponds to the JSON property direction

Returns:

  • (String) 


37701
37702
37703
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37701

def direction
  @direction
end

#enable_loggingBoolean Also known as: enable_logging?

Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL. Corresponds to the JSON property enableLogging

Returns:

  • (Boolean) 


37710
37711
37712
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37710

def enable_logging
  @enable_logging
end

#header_actionGoogle::Apis::ComputeAlpha::SecurityPolicyRuleHttpHeaderAction

Optional, additional actions that are performed on headers. Corresponds to the JSON property headerAction

Returns:



37716
37717
37718
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37716

def header_action
  @header_action
end

#kindString

[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules Corresponds to the JSON property kind

Returns:

  • (String) 


37722
37723
37724
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37722

def kind
  @kind
end

#matchGoogle::Apis::ComputeAlpha::SecurityPolicyRuleMatcher

Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. Corresponds to the JSON property match

Returns:



37728
37729
37730
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37728

def match
  @match
end

#previewBoolean Also known as: preview?

If set to true, the specified action is not enforced. Corresponds to the JSON property preview

Returns:

  • (Boolean) 


37733
37734
37735
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37733

def preview
  @preview
end

#priorityFixnum

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. Corresponds to the JSON property priority

Returns:

  • (Fixnum) 


37742
37743
37744
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37742

def priority
  @priority
end

#rate_limit_optionsGoogle::Apis::ComputeAlpha::SecurityPolicyRuleRateLimitOptions

Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. Corresponds to the JSON property rateLimitOptions

Returns:



37748
37749
37750
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37748

def rate_limit_options
  @rate_limit_options
end

#redirect_optionsGoogle::Apis::ComputeAlpha::SecurityPolicyRuleRedirectOptions

Parameters defining the redirect action. Cannot be specified for any other actions. Corresponds to the JSON property redirectOptions

Returns:



37754
37755
37756
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37754

def redirect_options
  @redirect_options
end

#redirect_targetString

This must be specified for redirect actions. Cannot be specified for any other actions. Corresponds to the JSON property redirectTarget

Returns:

  • (String) 


37760
37761
37762
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37760

def redirect_target
  @redirect_target
end

#rule_managed_protection_tierString

[Output Only] The minimum managed protection tier required for this rule. Corresponds to the JSON property ruleManagedProtectionTier

Returns:

  • (String) 


37765
37766
37767
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37765

def rule_managed_protection_tier
  @rule_managed_protection_tier
end

#rule_numberFixnum

Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server. Corresponds to the JSON property ruleNumber

Returns:

  • (Fixnum) 


37772
37773
37774
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37772

def rule_number
  @rule_number
end

#rule_tuple_countFixnum

[Output Only] Calculation of the complexity of a single firewall security policy rule. Corresponds to the JSON property ruleTupleCount

Returns:

  • (Fixnum) 


37778
37779
37780
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37778

def rule_tuple_count
  @rule_tuple_count
end

#target_resourcesArray<String>

A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL. Corresponds to the JSON property targetResources

Returns:

  • (Array<String>) 


37786
37787
37788
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37786

def target_resources
  @target_resources
end

#target_service_accountsArray<String>

A list of service accounts indicating the sets of instances that are applied with this rule. Corresponds to the JSON property targetServiceAccounts

Returns:

  • (Array<String>) 


37792
37793
37794
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37792

def target_service_accounts
  @target_service_accounts
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



37799
37800
37801
37802
37803
37804
37805
37806
37807
37808
37809
37810
37811
37812
37813
37814
37815
37816
37817
 
# File 'lib/google/apis/compute_alpha/classes.rb', line 37799

def update!(**args)
  @action = args[:action] if args.key?(:action)
  @description = args[:description] if args.key?(:description)
  @direction = args[:direction] if args.key?(:direction)
  @enable_logging = args[:enable_logging] if args.key?(:enable_logging)
  @header_action = args[:header_action] if args.key?(:header_action)
  @kind = args[:kind] if args.key?(:kind)
  @match = args[:match] if args.key?(:match)
  @preview = args[:preview] if args.key?(:preview)
  @priority = args[:priority] if args.key?(:priority)
  @rate_limit_options = args[:rate_limit_options] if args.key?(:rate_limit_options)
  @redirect_options = args[:redirect_options] if args.key?(:redirect_options)
  @redirect_target = args[:redirect_target] if args.key?(:redirect_target)
  @rule_managed_protection_tier = args[:rule_managed_protection_tier] if args.key?(:rule_managed_protection_tier)
  @rule_number = args[:rule_number] if args.key?(:rule_number)
  @rule_tuple_count = args[:rule_tuple_count] if args.key?(:rule_tuple_count)
  @target_resources = args[:target_resources] if args.key?(:target_resources)
  @target_service_accounts = args[:target_service_accounts] if args.key?(:target_service_accounts)
end