class Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1EgressTo
Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.
Attributes
A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/ service in this list. Corresponds to the JSON property `operations` @return [Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ApiOperation>]
A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter. Corresponds to the JSON property `resources` @return [Array<String>]
Public Class Methods
# File lib/google/apis/cloudasset_v1/classes.rb, line 2309 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/cloudasset_v1/classes.rb, line 2314 def update!(**args) @operations = args[:operations] if args.key?(:operations) @resources = args[:resources] if args.key?(:resources) end