Class: Google::Apis::NetworksecurityV1beta1::TlsInspectionPolicy
- Inherits:
-
Object
- Object
- Google::Apis::NetworksecurityV1beta1::TlsInspectionPolicy
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/networksecurity_v1beta1/classes.rb,
lib/google/apis/networksecurity_v1beta1/representations.rb,
lib/google/apis/networksecurity_v1beta1/representations.rb
Overview
The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.
Instance Attribute Summary collapse
-
#ca_pool ⇒ String
Required.
-
#create_time ⇒ String
Output only.
-
#custom_tls_features ⇒ Array<String>
Optional.
-
#description ⇒ String
Optional.
-
#exclude_public_ca_set ⇒ Boolean
(also: #exclude_public_ca_set?)
Optional.
-
#min_tls_version ⇒ String
Optional.
-
#name ⇒ String
Required.
-
#tls_feature_profile ⇒ String
Optional.
-
#trust_config ⇒ String
Optional.
-
#update_time ⇒ String
Output only.
Instance Method Summary collapse
-
#initialize(**args) ⇒ TlsInspectionPolicy
constructor
A new instance of TlsInspectionPolicy.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ TlsInspectionPolicy
Returns a new instance of TlsInspectionPolicy.
2391 2392 2393 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2391 def initialize(**args) update!(**args) end |
Instance Attribute Details
#ca_pool ⇒ String
Required. A CA pool resource used to issue interception certificates. The CA
pool string has a relative resource path following the form "projects/project
/locations/location
/caPools/ca_pool
".
Corresponds to the JSON property caPool
2314 2315 2316 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2314 def ca_pool @ca_pool end |
#create_time ⇒ String
Output only. The timestamp when the resource was created.
Corresponds to the JSON property createTime
2319 2320 2321 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2319 def create_time @create_time end |
#custom_tls_features ⇒ Array<String>
Optional. List of custom TLS cipher suites selected. This field is valid only
if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.
ListAvailableFeatures method returns the set of features that can be specified
in this list. Note that Secure Web Proxy does not yet honor this field.
Corresponds to the JSON property customTlsFeatures
2327 2328 2329 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2327 def custom_tls_features @custom_tls_features end |
#description ⇒ String
Optional. Free-text description of the resource.
Corresponds to the JSON property description
2332 2333 2334 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2332 def description @description end |
#exclude_public_ca_set ⇒ Boolean Also known as: exclude_public_ca_set?
Optional. If FALSE (the default), use our default set of public CAs in
addition to any CAs specified in trust_config. These public CAs are currently
based on the Mozilla Root Program and are subject to change over time. If TRUE,
do not accept our default set of public CAs. Only CAs specified in
trust_config will be accepted. This defaults to FALSE (use public CAs in
addition to trust_config) for backwards compatibility, but trusting public
root CAs is not recommended unless the traffic in question is outbound to
public web servers. When possible, prefer setting this to "false" and
explicitly specifying trusted CAs and certificates in a TrustConfig. Note that
Secure Web Proxy does not yet honor this field.
Corresponds to the JSON property excludePublicCaSet
2346 2347 2348 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2346 def exclude_public_ca_set @exclude_public_ca_set end |
#min_tls_version ⇒ String
Optional. Minimum TLS version that the firewall should use when negotiating
connections with both clients and servers. If this is not set, then the
default value is to allow the broadest set of clients and servers (TLS 1.0 or
higher). Setting this to more restrictive values may improve security, but may
also prevent the firewall from connecting to some clients or servers. Note
that Secure Web Proxy does not yet honor this field.
Corresponds to the JSON property minTlsVersion
2357 2358 2359 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2357 def min_tls_version @min_tls_version end |
#name ⇒ String
Required. Name of the resource. Name is of the form projects/project
/
locations/location
/tlsInspectionPolicies/tls_inspection_policy
tls_inspection_policy should match the pattern:(^a-z
?$).
Corresponds to the JSON property name
2365 2366 2367 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2365 def name @name end |
#tls_feature_profile ⇒ String
Optional. The selected Profile. If this is not set, then the default value is
to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE").
Setting this to more restrictive values may improve security, but may also
prevent the TLS inspection proxy from connecting to some clients or servers.
Note that Secure Web Proxy does not yet honor this field.
Corresponds to the JSON property tlsFeatureProfile
2374 2375 2376 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2374 def tls_feature_profile @tls_feature_profile end |
#trust_config ⇒ String
Optional. A TrustConfig resource used when making a connection to the TLS
server. This is a relative resource path following the form "projects/project
/locations/location
/trustConfigs/trust_config
". This is necessary to
intercept TLS connections to servers with certificates signed by a private CA
or self-signed certificates. Note that Secure Web Proxy does not yet honor
this field.
Corresponds to the JSON property trustConfig
2384 2385 2386 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2384 def trust_config @trust_config end |
#update_time ⇒ String
Output only. The timestamp when the resource was updated.
Corresponds to the JSON property updateTime
2389 2390 2391 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2389 def update_time @update_time end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 |
# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 2396 def update!(**args) @ca_pool = args[:ca_pool] if args.key?(:ca_pool) @create_time = args[:create_time] if args.key?(:create_time) @custom_tls_features = args[:custom_tls_features] if args.key?(:custom_tls_features) @description = args[:description] if args.key?(:description) @exclude_public_ca_set = args[:exclude_public_ca_set] if args.key?(:exclude_public_ca_set) @min_tls_version = args[:min_tls_version] if args.key?(:min_tls_version) @name = args[:name] if args.key?(:name) @tls_feature_profile = args[:tls_feature_profile] if args.key?(:tls_feature_profile) @trust_config = args[:trust_config] if args.key?(:trust_config) @update_time = args[:update_time] if args.key?(:update_time) end |