Struct google_accesscontextmanager1_beta::ServicePerimeterConfig

pub struct ServicePerimeterConfig {
    pub restricted_services: Option<Vec<String>>,
    pub resources: Option<Vec<String>>,
    pub unrestricted_services: Option<Vec<String>>,
    pub access_levels: Option<Vec<String>>,
}

ServicePerimeterConfig specifies a set of GCP resources that describe a specific Service Perimeter configuration.

This type is not used in any activity, and is only used as part of another schema.

Fields

restricted_services: Option<Vec<String>>

GCP services that are subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "*". For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

The wildcard means that unless explicitly specified by the "unrestricted_services" list, any service is treated as restricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "*", otherwise the Service Perimeter specification is invalid. It also means that both fields being empty is invalid as well. "restricted_services" can be empty if and only if the "unrestricted_services" list contains a "*" wildcard.

resources: Option<Vec<String>>

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

unrestricted_services: Option<Vec<String>>

GCP services that are not subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "*". For example, if logging.googleapis.com is unrestricted, users can access logs inside the perimeter as if the perimeter doesn't exist, and it also means VMs inside the perimeter can access logs outside the perimeter.

The wildcard means that unless explicitly specified by the "restricted_services" list, any service is treated as unrestricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "*", otherwise the Service Perimeter specification is invalid. It also means that both fields being empty is invalid as well. "unrestricted_services" can be empty if and only if the "restricted_services" list contains a "*" wildcard.

access_levels: Option<Vec<String>>

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
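The wildcard and resource-format rules above can be checked before a perimeter is submitted. The following is an added example, not code from this crate: it uses a local mirror of the struct so it builds on its own, and `has`, `validate` and `is_restricted` are hypothetical helpers. The tie-break when a service appears in both lists (restricted wins) is an assumption; the field docs do not define it.

```rust
// Local mirror of the struct on this page, so the example builds without the crate.
#[derive(Default, Clone, Debug)]
pub struct ServicePerimeterConfig {
    pub restricted_services: Option<Vec<String>>,
    pub resources: Option<Vec<String>>,
    pub unrestricted_services: Option<Vec<String>>,
    pub access_levels: Option<Vec<String>>,
}

// Hypothetical helper: true if `item` appears in an optional list.
fn has(list: &Option<Vec<String>>, item: &str) -> bool {
    list.as_deref().unwrap_or(&[]).iter().any(|s| s == item)
}

/// Hypothetical validator for the rules stated in the field docs.
pub fn validate(cfg: &ServicePerimeterConfig) -> Result<(), String> {
    // One of the two service lists must carry "*"; this also rejects the
    // case where both lists are empty or absent.
    if !has(&cfg.restricted_services, "*") && !has(&cfg.unrestricted_services, "*") {
        return Err("neither service list contains the \"*\" wildcard".into());
    }
    // Only projects are allowed, in the form projects/{project_number}.
    for r in cfg.resources.as_deref().unwrap_or(&[]) {
        let number = r.strip_prefix("projects/").unwrap_or("");
        if number.is_empty() || !number.bytes().all(|b| b.is_ascii_digit()) {
            return Err(format!("resource {:?} is not projects/{{project_number}}", r));
        }
    }
    Ok(())
}

/// Hypothetical resolver; call `validate` first. Assumption: an explicit entry
/// beats the wildcard, and "restricted" wins if a service is in both lists.
pub fn is_restricted(cfg: &ServicePerimeterConfig, service: &str) -> bool {
    if has(&cfg.restricted_services, service) { return true; }
    if has(&cfg.unrestricted_services, service) { return false; }
    has(&cfg.restricted_services, "*")
}

fn main() {
    // Constructed sample: everything restricted except Cloud Logging.
    let cfg = ServicePerimeterConfig {
        restricted_services: Some(vec!["*".into()]),
        unrestricted_services: Some(vec!["logging.googleapis.com".into()]),
        resources: Some(vec!["projects/123456".into()]),
        ..Default::default()
    };
    println!("{:?} {}", validate(&cfg), is_restricted(&cfg, "storage.googleapis.com"));
}
```

Running the check in CI catches a perimeter that lost its wildcard during an edit before the specification is rejected as invalid.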

Trait Implementations

impl Default for ServicePerimeterConfig

Returns the "default value" for a type.

impl Clone for ServicePerimeterConfig

Returns a copy of the value.

Performs copy-assignment from source.

impl Debug for ServicePerimeterConfig

Formats the value using the given formatter.

impl Part for ServicePerimeterConfig

Auto Trait Implementations