View Source GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig (google_api_cloud_asset v0.35.0)
ServicePerimeterConfig
specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.
Attributes
-
accessLevels
(type:list(String.t)
, default:nil
) - A list ofAccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty. -
egressPolicies
(type:list(GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1EgressPolicy.t)
, default:nil
) - List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. -
ingressPolicies
(type:list(GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1IngressPolicy.t)
, default:nil
) - List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge. -
resources
(type:list(String.t)
, default:nil
) - A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format:projects/{project_number}
VPC network format://compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}
. -
restrictedServices
(type:list(String.t)
, default:nil
) - Google Cloud services that are subject to the Service Perimeter restrictions. For example, ifstorage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. -
vpcAccessibleServices
(type:GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices.t
, default:nil
) - Configuration for APIs allowed within Perimeter.
Summary
Functions
Unwrap a decoded JSON object into its complex fields.
Types
@type t() :: %GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig{ accessLevels: [String.t()] | nil, egressPolicies: [ GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1EgressPolicy.t() ] | nil, ingressPolicies: [ GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1IngressPolicy.t() ] | nil, resources: [String.t()] | nil, restrictedServices: [String.t()] | nil, vpcAccessibleServices: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices.t() | nil }
Functions
Unwrap a decoded JSON object into its complex fields.