Struct google_accesscontextmanager1_beta::ServicePerimeterConfig
pub struct ServicePerimeterConfig {
    pub restricted_services: Option<Vec<String>>,
    pub resources: Option<Vec<String>>,
    pub unrestricted_services: Option<Vec<String>>,
    pub access_levels: Option<Vec<String>>,
}
ServicePerimeterConfig specifies a set of GCP resources that describe a specific Service Perimeter configuration.
This type is not used in any activity, and is only used as part of another schema.
Fields
restricted_services: Option<Vec<String>>
GCP services that are subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "*". For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
The wildcard means that unless explicitly specified by the "unrestricted_services" list, any service is treated as restricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "*", otherwise the Service Perimeter specification is invalid. It also means that both fields being empty is invalid as well. "restricted_services" can be empty if and only if the "unrestricted_services" list contains a "*" wildcard.
resources: Option<Vec<String>>
A list of GCP resources that are inside of the service perimeter.
Currently only projects are allowed. Format: projects/{project_number}
unrestricted_services: Option<Vec<String>>
GCP services that are not subject to the Service Perimeter restrictions. May contain a list of services or a single wildcard "*". For example, if logging.googleapis.com is unrestricted, users can access logs inside the perimeter as if the perimeter doesn't exist, and it also means VMs inside the perimeter can access logs outside the perimeter.
The wildcard means that unless explicitly specified by the "restricted_services" list, any service is treated as unrestricted. One of the fields "restricted_services", "unrestricted_services" must contain a wildcard "*", otherwise the Service Perimeter specification is invalid. It also means that both fields being empty is invalid as well. "unrestricted_services" can be empty if and only if the "restricted_services" list contains a "*" wildcard.
access_levels: Option<Vec<String>>
A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL".
For Service Perimeter Bridge, must be empty.
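The wildcard and resource-format rules stated for the fields above, written as a client-side validator; this is an added example, not part of the google_accesscontextmanager1_beta crate. The struct is mirrored locally so the block builds stand-alone, `validate`, `wildcard` and `ConfigError` are hypothetical names, and rejecting "*" in both lists and requiring a digits-only project number are assumptions the page does not state.

```rust
#[derive(Default)] // local mirror of the documented struct, so the crate is not needed
pub struct ServicePerimeterConfig {
    pub restricted_services: Option<Vec<String>>,
    pub resources: Option<Vec<String>>,
    pub unrestricted_services: Option<Vec<String>>,
    pub access_levels: Option<Vec<String>>,
}

#[derive(Debug, PartialEq)] // hypothetical error type, not part of the crate
pub enum ConfigError {
    NoWildcard,          // neither service list contains "*"
    WildcardNotAlone,    // "*" mixed with named services in one list
    BothWildcard,        // assumption: the page leaves this undefined; rejected as ambiguous
    BadResource(String), // not projects/{project_number}; digits-only is an assumption
}

// Hypothetical helpers. `wildcard` is Ok(true) only when the list is exactly ["*"].
fn wildcard(list: &[String]) -> Result<bool, ConfigError> {
    match list.iter().any(|s| s == "*") {
        true if list.len() > 1 => Err(ConfigError::WildcardNotAlone),
        found => Ok(found),
    }
}

pub fn validate(cfg: &ServicePerimeterConfig) -> Result<(), ConfigError> {
    let restricted = cfg.restricted_services.as_deref().unwrap_or_default();
    let unrestricted = cfg.unrestricted_services.as_deref().unwrap_or_default();
    match (wildcard(restricted)?, wildcard(unrestricted)?) {
        (false, false) => return Err(ConfigError::NoWildcard), // includes both lists empty
        (true, true) => return Err(ConfigError::BothWildcard),
        _ => {}
    }
    for r in cfg.resources.as_deref().unwrap_or_default() {
        let n = r.strip_prefix("projects/").unwrap_or("");
        if n.is_empty() || !n.bytes().all(|b| b.is_ascii_digit()) {
            return Err(ConfigError::BadResource(r.clone()));
        }
    }
    Ok(())
}

fn main() {
    let cfg = ServicePerimeterConfig {
        restricted_services: Some(vec!["*".into()]), // constructed sample values
        unrestricted_services: Some(vec!["logging.googleapis.com".into()]),
        resources: Some(vec!["projects/123456".into()]),
        ..Default::default()
    };
    println!("{:?}", validate(&cfg));
}
```

Running a check like this before submitting a perimeter catches a configuration with no wildcard locally instead of as an API-side rejection.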
Trait Implementations
impl Default for ServicePerimeterConfig
fn default() -> ServicePerimeterConfig
Returns the "default value" for a type.
impl Clone for ServicePerimeterConfig
fn clone(&self) -> ServicePerimeterConfig
Returns a copy of the value.
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source.
impl Debug for ServicePerimeterConfig
fn fmt(&self, f: &mut Formatter) -> Result
Formats the value using the given formatter.
impl Part for ServicePerimeterConfig
Auto Trait Implementations
impl Send for ServicePerimeterConfig
impl Sync for ServicePerimeterConfig