Class: Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy

Inherits:

Object

• Object
• Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb

Overview

Policy for ingress into [ServicePerimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

[IngressPolicies] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] match requests based on ingress_from and ingress_to stanzas. For an ingress policy to match, both the ingress_from and ingress_to stanzas must be matched. If an [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] matches a request, the request is allowed through the perimeter boundary from outside the perimeter.

For example, access from the internet can be allowed either based on an [AccessLevel] [google.identity.accesscontextmanager.v1.AccessLevel] or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required.

Individual ingress policies can be limited by restricting which services and/or actions they match using the ingress_to field.

Instance Attribute Summary

• #ingress_from ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom

  Defines the conditions on the source of a request causing this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

• #ingress_to ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo

  Defines the conditions on the [ApiOperation] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation] and request destination that cause this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

Instance Attribute Details

#ingress_from ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom

Returns Defines the conditions on the source of a request causing this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

Returns:

• (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom) —

  Defines the conditions on the source of a request causing this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 347

class IngressPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#ingress_to ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo

Returns Defines the conditions on the [ApiOperation] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation] and request destination that cause this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

Returns:

• (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo) —

  Defines the conditions on the [ApiOperation] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation] and request destination that cause this [IngressPolicy] [google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy] to apply.

# File 'proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb', line 347

class IngressPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end