Skip to main content

AuthzPolicy

google_cloud_networksecurity_v1::model

Struct AuthzPolicy 

Source 
#[non_exhaustive]
pub struct AuthzPolicy {
    pub name: String,
    pub create_time: Option<Timestamp>,
    pub update_time: Option<Timestamp>,
    pub description: String,
    pub labels: HashMap<String, String>,
    pub target: Option<Target>,
    pub http_rules: Vec<AuthzRule>,
    pub action: AuthzAction,
    pub custom_provider: Option<CustomProvider>,
    pub policy_profile: PolicyProfile,
    /* private fields */
}
Expand description

AuthzPolicy is a resource that allows to forward traffic to a callout backend designed to scan the traffic for security purposes.

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§name: String

Required. Identifier. Name of the AuthzPolicy resource in the following format: projects/{project}/locations/{location}/authzPolicies/{authz_policy}.

§create_time: Option<Timestamp>

Output only. The timestamp when the resource was created.

§update_time: Option<Timestamp>

Output only. The timestamp when the resource was updated.

§description: String

Optional. A human-readable description of the resource.

§labels: HashMap<String, String>

Optional. Set of labels associated with the AuthzPolicy resource.

The format must comply with the following requirements.

§target: Option<Target>

Required. Specifies the set of resources to which this policy should be applied to.

§http_rules: Vec<AuthzRule>

Optional. A list of authorization HTTP rules to match against the incoming request. A policy match occurs when at least one HTTP rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow or Deny Action. Limited to 5 rules.

§action: AuthzAction

Required. Can be one of ALLOW, DENY, CUSTOM.

When the action is CUSTOM, customProvider must be specified.

When the action is ALLOW, only requests matching the policy will be allowed.

When the action is DENY, only requests matching the policy will be denied.

When a request arrives, the policies are evaluated in the following order:

  1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request.

  2. If there are any DENY policies that match the request, the request is denied.

  3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed.

  4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request.

§custom_provider: Option<CustomProvider>

Optional. Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One of cloudIap or authzExtension must be specified.

§policy_profile: PolicyProfile

Optional. Immutable. Defines the type of authorization being performed. If not specified, REQUEST_AUTHZ is applied. This field cannot be changed once AuthzPolicy is created.

Implementations§

Source§

impl AuthzPolicy

Source

pub fn new() -> Self

Source

pub fn set_name<T: Into<String>>(self, v: T) -> Self

Sets the value of name.

§Example
let x = AuthzPolicy::new().set_name("example");
Source

pub fn set_create_time<T>(self, v: T) -> Self
where T: Into<Timestamp>,

Sets the value of create_time.

§Example
use wkt::Timestamp;
let x = AuthzPolicy::new().set_create_time(Timestamp::default()/* use setters */);
Source

pub fn set_or_clear_create_time<T>(self, v: Option<T>) -> Self
where T: Into<Timestamp>,

Sets or clears the value of create_time.

§Example
use wkt::Timestamp;
let x = AuthzPolicy::new().set_or_clear_create_time(Some(Timestamp::default()/* use setters */));
let x = AuthzPolicy::new().set_or_clear_create_time(None::<Timestamp>);
Source

pub fn set_update_time<T>(self, v: T) -> Self
where T: Into<Timestamp>,

Sets the value of update_time.

§Example
use wkt::Timestamp;
let x = AuthzPolicy::new().set_update_time(Timestamp::default()/* use setters */);
Source

pub fn set_or_clear_update_time<T>(self, v: Option<T>) -> Self
where T: Into<Timestamp>,

Sets or clears the value of update_time.

§Example
use wkt::Timestamp;
let x = AuthzPolicy::new().set_or_clear_update_time(Some(Timestamp::default()/* use setters */));
let x = AuthzPolicy::new().set_or_clear_update_time(None::<Timestamp>);
Source

pub fn set_description<T: Into<String>>(self, v: T) -> Self

Sets the value of description.

§Example
let x = AuthzPolicy::new().set_description("example");
Source

pub fn set_labels<T, K, V>(self, v: T) -> Self
where T: IntoIterator<Item = (K, V)>, K: Into<String>, V: Into<String>,

Sets the value of labels.

§Example
let x = AuthzPolicy::new().set_labels([
    ("key0", "abc"),
    ("key1", "xyz"),
]);
Source

pub fn set_target<T>(self, v: T) -> Self
where T: Into<Target>,

Sets the value of target.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::Target;
let x = AuthzPolicy::new().set_target(Target::default()/* use setters */);
Source

pub fn set_or_clear_target<T>(self, v: Option<T>) -> Self
where T: Into<Target>,

Sets or clears the value of target.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::Target;
let x = AuthzPolicy::new().set_or_clear_target(Some(Target::default()/* use setters */));
let x = AuthzPolicy::new().set_or_clear_target(None::<Target>);
Source

pub fn set_http_rules<T, V>(self, v: T) -> Self
where T: IntoIterator<Item = V>, V: Into<AuthzRule>,

Sets the value of http_rules.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::AuthzRule;
let x = AuthzPolicy::new()
    .set_http_rules([
        AuthzRule::default()/* use setters */,
        AuthzRule::default()/* use (different) setters */,
    ]);
Source

pub fn set_action<T: Into<AuthzAction>>(self, v: T) -> Self

Sets the value of action.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::AuthzAction;
let x0 = AuthzPolicy::new().set_action(AuthzAction::Allow);
let x1 = AuthzPolicy::new().set_action(AuthzAction::Deny);
let x2 = AuthzPolicy::new().set_action(AuthzAction::Custom);
Source

pub fn set_custom_provider<T>(self, v: T) -> Self
where T: Into<CustomProvider>,

Sets the value of custom_provider.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::CustomProvider;
let x = AuthzPolicy::new().set_custom_provider(CustomProvider::default()/* use setters */);
Source

pub fn set_or_clear_custom_provider<T>(self, v: Option<T>) -> Self
where T: Into<CustomProvider>,

Sets or clears the value of custom_provider.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::CustomProvider;
let x = AuthzPolicy::new().set_or_clear_custom_provider(Some(CustomProvider::default()/* use setters */));
let x = AuthzPolicy::new().set_or_clear_custom_provider(None::<CustomProvider>);
Source

pub fn set_policy_profile<T: Into<PolicyProfile>>(self, v: T) -> Self

Sets the value of policy_profile.

§Example
use google_cloud_networksecurity_v1::model::authz_policy::PolicyProfile;
let x0 = AuthzPolicy::new().set_policy_profile(PolicyProfile::RequestAuthz);
let x1 = AuthzPolicy::new().set_policy_profile(PolicyProfile::ContentAuthz);

Trait Implementations§

Source§

impl Clone for AuthzPolicy

Source§

fn clone(&self) -> AuthzPolicy

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AuthzPolicy

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for AuthzPolicy

Source§

fn default() -> AuthzPolicy

Returns the “default value” for a type. Read more
Source§

impl Message for AuthzPolicy

Source§

fn typename() -> &'static str

The typename of this message.
Source§

impl PartialEq for AuthzPolicy

Source§

fn eq(&self, other: &AuthzPolicy) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl StructuralPartialEq for AuthzPolicy

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FutureExt for T

Source§

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more
Source§

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,