class Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

Attributes

access_levels[RW]

A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty. Corresponds to the JSON property `accessLevels` @return [Array<String>]

egress_policies[RW]

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. Corresponds to the JSON property `egressPolicies` @return [Array<Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1EgressPolicy>]

ingress_policies[RW]

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any IngressPolicy grants it. Must be empty for a perimeter bridge. Corresponds to the JSON property `ingressPolicies` @return [Array<Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1IngressPolicy>]

resources[RW]

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`. Corresponds to the JSON property `resources` @return [Array<String>]

restricted_services[RW]

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Corresponds to the JSON property `restrictedServices` @return [Array<String>]

vpc_accessible_services[RW]

Specifies how APIs are allowed to communicate within the Service Perimeter. Corresponds to the JSON property `vpcAccessibleServices` @return [Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices]
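The constraints stated for these attributes can be checked before a configuration is submitted. The following is an added example, not code from the library: `PerimeterConfig`, `lint_perimeter` and its `policy:` and `bridge:` parameters are hypothetical stand-ins so it runs without the gem, and the sample values are constructed.

```ruby
# Added example (not library code): PerimeterConfig is a hypothetical stand-in
# for ServicePerimeterConfig so the check runs without the gem installed.
PerimeterConfig = Struct.new(:access_levels, :egress_policies, :ingress_policies,
                             :resources, :restricted_services, keyword_init: true)

# Returns findings for the constraints documented on this page.
# policy: parent access policy name; bridge: true for a perimeter bridge.
# Both parameters are assumptions; neither is an attribute of this class.
def lint_perimeter(cfg, policy:, bridge: false)
  findings = []
  levels = Array(cfg.access_levels)
  if bridge
    # access_levels, egress_policies and ingress_policies must be empty for a bridge.
    findings << 'bridge: access_levels must be empty' unless levels.empty?
    findings << 'bridge: egress_policies must be empty' unless Array(cfg.egress_policies).empty?
    findings << 'bridge: ingress_policies must be empty' unless Array(cfg.ingress_policies).empty?
  end
  # Listed AccessLevels must be in the same policy as the perimeter.
  same_policy = %r{\A#{Regexp.escape(policy)}/accessLevels/[^/]+\z}
  levels.each do |name|
    findings << "access level #{name} is not in #{policy}" unless name.match?(same_policy)
  end
  # Only projects are allowed, named by project number.
  Array(cfg.resources).each do |res|
    next if res.match?(%r{\Aprojects/\d+\z})
    findings << "resource #{res} is not projects/{project_number}"
  end
  # Review flag inferred from the restricted_services description:
  # with no service listed, no service is subject to the perimeter.
  if !bridge && Array(cfg.restricted_services).empty?
    findings << 'restricted_services is empty: no service is subject to the perimeter'
  end
  findings
end

# Constructed sample data.
GOOD = PerimeterConfig.new(
  access_levels: ['accessPolicies/MY_POLICY/accessLevels/MY_LEVEL'],
  resources: ['projects/123456789012'],
  restricted_services: ['storage.googleapis.com']
)
BAD = PerimeterConfig.new(
  access_levels: ['accessPolicies/OTHER/accessLevels/MY_LEVEL'],
  resources: ['projects/my-project-id']
)

puts lint_perimeter(BAD, policy: 'accessPolicies/MY_POLICY', bridge: true)
```
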

Public Class Methods

new(**args)
# File lib/google/apis/cloudasset_v1p7beta1/classes.rb, line 1849
def initialize(**args)
  update!(**args)
end

Public Instance Methods

update!(**args)

Update properties of this object

# File lib/google/apis/cloudasset_v1p7beta1/classes.rb, line 1854
def update!(**args)
  @access_levels = args[:access_levels] if args.key?(:access_levels)
  @egress_policies = args[:egress_policies] if args.key?(:egress_policies)
  @ingress_policies = args[:ingress_policies] if args.key?(:ingress_policies)
  @resources = args[:resources] if args.key?(:resources)
  @restricted_services = args[:restricted_services] if args.key?(:restricted_services)
  @vpc_accessible_services = args[:vpc_accessible_services] if args.key?(:vpc_accessible_services)
end