Class: Google::Apis::ComputeBeta::SecuritySettings

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/compute_beta/classes.rb,
lib/google/apis/compute_beta/representations.rb,
lib/google/apis/compute_beta/representations.rb

Overview

The authentication and authorization settings for a BackendService.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ SecuritySettings

Returns a new instance of SecuritySettings.



35977
35978
35979
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35977

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#authenticationString

[Deprecated] Use clientTlsPolicy instead. Corresponds to the JSON property authentication

Returns:

  • (String) 


35942
35943
35944
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35942

def authentication
  @authentication
end

#aws_v4_authenticationGoogle::Apis::ComputeBeta::Awsv4Signature

Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'. Corresponds to the JSON property awsV4Authentication

Returns:



35950
35951
35952
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35950

def aws_v4_authentication
  @aws_v4_authentication
end

#client_tls_policyString

Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact. Corresponds to the JSON property clientTlsPolicy

Returns:

  • (String) 


35959
35960
35961
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35959

def client_tls_policy
  @client_tls_policy
end

#subject_alt_namesArray<String>

Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact. Corresponds to the JSON property subjectAltNames

Returns:

  • (Array<String>) 


35975
35976
35977
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35975

def subject_alt_names
  @subject_alt_names
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



35982
35983
35984
35985
35986
35987
 
# File 'lib/google/apis/compute_beta/classes.rb', line 35982

def update!(**args)
  @authentication = args[:authentication] if args.key?(:authentication)
  @aws_v4_authentication = args[:aws_v4_authentication] if args.key?(:aws_v4_authentication)
  @client_tls_policy = args[:client_tls_policy] if args.key?(:client_tls_policy)
  @subject_alt_names = args[:subject_alt_names] if args.key?(:subject_alt_names)
end