EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.

Attributes

• authorizationPolicy (type: String.t, default: nil) - Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
• clientTlsPolicy (type: String.t, default: nil) - Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
• createTime (type: DateTime.t, default: nil) - Output only. The timestamp when the resource was created.
• description (type: String.t, default: nil) - Optional. A free-text description of the resource. Max length 1024 characters.
• endpointMatcher (type: GoogleApi.NetworkServices.V1.Model.EndpointMatcher.t, default: nil) - Required. A matcher that selects endpoints to which the policies should be applied.
• labels (type: map(), default: nil) - Optional. Set of label tags associated with the EndpointPolicy resource.
• name (type: String.t, default: nil) - Identifier. Name of the EndpointPolicy resource. It matches pattern projects/{project}/locations/global/endpointPolicies/{endpoint_policy}.
• serverTlsPolicy (type: String.t, default: nil) - Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint.
• trafficPortSelector (type: GoogleApi.NetworkServices.V1.Model.TrafficPortSelector.t, default: nil) - Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports.
• type (type: String.t, default: nil) - Required. The type of endpoint policy. This is primarily used to validate the configuration.
• updateTime (type: DateTime.t, default: nil) - Output only. The timestamp when the resource was updated.