Class: Google::Apis::NetworksecurityV1beta1::TlsInspectionPolicy

Inherits:

Object

• Object
• Google::Apis::NetworksecurityV1beta1::TlsInspectionPolicy

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/networksecurity_v1beta1/classes.rb,
lib/google/apis/networksecurity_v1beta1/representations.rb,
lib/google/apis/networksecurity_v1beta1/representations.rb

Overview

The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.

Instance Attribute Summary

• #ca_pool ⇒ String

  Required.

• #create_time ⇒ String

  Output only.

• #custom_tls_features ⇒ Array<String>

  Optional.

• #description ⇒ String

  Optional.

• #exclude_public_ca_set ⇒ Boolean (also: #exclude_public_ca_set?)

  Optional.

• #min_tls_version ⇒ String

  Optional.

• #name ⇒ String

  Required.

• #tls_feature_profile ⇒ String

  Optional.

• #trust_config ⇒ String

  Optional.

• #update_time ⇒ String

  Output only.

Instance Method Summary

• #initialize(**args) ⇒ TlsInspectionPolicy constructor

  A new instance of TlsInspectionPolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ TlsInspectionPolicy

Returns a new instance of TlsInspectionPolicy.

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3379

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#ca_pool ⇒ String

Required. A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/project /locations/location/caPools/ca_pool". Corresponds to the JSON property caPool

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3302

def ca_pool
  @ca_pool
end

#create_time ⇒ String

Output only. The timestamp when the resource was created. Corresponds to the JSON property createTime

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3307

def create_time
  @create_time
end

#custom_tls_features ⇒ Array<String>

Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService. ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field. Corresponds to the JSON property customTlsFeatures

Returns:

• (Array<String>)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3315

def custom_tls_features
  @custom_tls_features
end

#description ⇒ String

Optional. Free-text description of the resource. Corresponds to the JSON property description

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3320

def description
  @description
end

#exclude_public_ca_set ⇒ Boolean Also known as: exclude_public_ca_set?

Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field. Corresponds to the JSON property excludePublicCaSet

Returns:

• (Boolean)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3334

def exclude_public_ca_set
  @exclude_public_ca_set
end

#min_tls_version ⇒ String

Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Corresponds to the JSON property minTlsVersion

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3345

def min_tls_version
  @min_tls_version
end

#name ⇒ String

Required. Name of the resource. Name is of the form projects/project/ locations/location/tlsInspectionPolicies/tls_inspection_policy tls_inspection_policy should match the pattern:(^a-z ?$). Corresponds to the JSON property name

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3353

def name
  @name
end

#tls_feature_profile ⇒ String

Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Corresponds to the JSON property tlsFeatureProfile

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3362

def tls_feature_profile
  @tls_feature_profile
end

#trust_config ⇒ String

Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/project /locations/location/trustConfigs/trust_config". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field. Corresponds to the JSON property trustConfig

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3372

def trust_config
  @trust_config
end

#update_time ⇒ String

Output only. The timestamp when the resource was updated. Corresponds to the JSON property updateTime

Returns:

• (String)

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3377

def update_time
  @update_time
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/networksecurity_v1beta1/classes.rb', line 3384

def update!(**args)
  @ca_pool = args[:ca_pool] if args.key?(:ca_pool)
  @create_time = args[:create_time] if args.key?(:create_time)
  @custom_tls_features = args[:custom_tls_features] if args.key?(:custom_tls_features)
  @description = args[:description] if args.key?(:description)
  @exclude_public_ca_set = args[:exclude_public_ca_set] if args.key?(:exclude_public_ca_set)
  @min_tls_version = args[:min_tls_version] if args.key?(:min_tls_version)
  @name = args[:name] if args.key?(:name)
  @tls_feature_profile = args[:tls_feature_profile] if args.key?(:tls_feature_profile)
  @trust_config = args[:trust_config] if args.key?(:trust_config)
  @update_time = args[:update_time] if args.key?(:update_time)
end