Class: Google::Apis::ComputeV1::SecurityPolicyRule
- Inherits:
-
Object
- Object
- Google::Apis::ComputeV1::SecurityPolicyRule
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- lib/google/apis/compute_v1/classes.rb,
lib/google/apis/compute_v1/representations.rb,
lib/google/apis/compute_v1/representations.rb
Overview
Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).
Instance Attribute Summary collapse
-
#action ⇒ String
The Action to perform when the rule is matched.
-
#description ⇒ String
An optional description of this resource.
-
#header_action ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleHttpHeaderAction
Optional, additional actions that are performed on headers.
-
#kind ⇒ String
Output only.
-
#match ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleMatcher
Represents a match condition that incoming traffic is evaluated against.
-
#network_match ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleNetworkMatcher
Represents a match condition that incoming network traffic is evaluated against.
-
#preconfigured_waf_config ⇒ Google::Apis::ComputeV1::SecurityPolicyRulePreconfiguredWafConfig
Preconfigured WAF configuration to be applied for the rule.
-
#preview ⇒ Boolean
(also: #preview?)
If set to true, the specified action is not enforced.
-
#priority ⇒ Fixnum
An integer indicating the priority of a rule in the list.
-
#rate_limit_options ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptions
Must be specified if the action is "rate_based_ban" or "throttle" or "fairshare".
-
#redirect_options ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleRedirectOptions
Parameters defining the redirect action.
Instance Method Summary collapse
-
#initialize(**args) ⇒ SecurityPolicyRule
constructor
A new instance of SecurityPolicyRule.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ SecurityPolicyRule
Returns a new instance of SecurityPolicyRule.
55561 55562 55563 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55561 def initialize(**args) update!(**args) end |
Instance Attribute Details
#action ⇒ String
The Action to perform when the rule is matched. The following are the valid actions:
- allow: allow access to target.
- deny(STATUS): deny access to target, returns the
HTTP response code specified. Valid values for
STATUSare 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set.
- redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR.
- throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this.
- fairshare (preview only): when traffic reaches the
threshold limit, requests from the clients matching this rule begin to be
rate-limited using the Fair Share algorithm. This action is only allowed
in security policies of type
CLOUD_ARMOR_INTERNAL_SERVICE. Corresponds to the JSON propertyaction
55493 55494 55495 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55493 def action @action end |
#description ⇒ String
An optional description of this resource. Provide this property when you
create the resource.
Corresponds to the JSON property description
55499 55500 55501 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55499 def description @description end |
#header_action ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleHttpHeaderAction
Optional, additional actions that are performed on headers.
This field is only supported in Global Security Policies of type
CLOUD_ARMOR.
Corresponds to the JSON property headerAction
55506 55507 55508 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55506 def header_action @header_action end |
#kind ⇒ String
Output only. [Output only] Type of the resource. Alwayscompute#
securityPolicyRule for security policy rules
Corresponds to the JSON property kind
55512 55513 55514 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55512 def kind @kind end |
#match ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleMatcher
Represents a match condition that incoming traffic is evaluated against.
Exactly one field must be specified.
Corresponds to the JSON property match
55518 55519 55520 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55518 def match @match end |
#network_match ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleNetworkMatcher
Represents a match condition that incoming network traffic is evaluated
against.
Corresponds to the JSON property networkMatch
55524 55525 55526 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55524 def network_match @network_match end |
#preconfigured_waf_config ⇒ Google::Apis::ComputeV1::SecurityPolicyRulePreconfiguredWafConfig
Preconfigured WAF configuration to be applied for the rule. If the rule
does not evaluate preconfigured WAF rules, i.e., if
evaluatePreconfiguredWaf() is not used, this field will have no effect.
Corresponds to the JSON property preconfiguredWafConfig
55531 55532 55533 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55531 def preconfigured_waf_config @preconfigured_waf_config end |
#preview ⇒ Boolean Also known as: preview?
If set to true, the specified action is not enforced.
Corresponds to the JSON property preview
55536 55537 55538 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55536 def preview @preview end |
#priority ⇒ Fixnum
An integer indicating the priority of a rule in the list. The priority
must be a positive value between 0 and 2147483647.
Rules are evaluated from highest to lowest priority where 0 is the
highest priority and 2147483647 is the lowest priority.
Corresponds to the JSON property priority
55545 55546 55547 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55545 def priority @priority end |
#rate_limit_options ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptions
Must be specified if the action is "rate_based_ban" or "throttle" or
"fairshare". Cannot be specified for any other actions.
Corresponds to the JSON property rateLimitOptions
55551 55552 55553 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55551 def @rate_limit_options end |
#redirect_options ⇒ Google::Apis::ComputeV1::SecurityPolicyRuleRedirectOptions
Parameters defining the redirect action. Cannot be specified for any
other actions.
This field is only supported in Global Security Policies of type
CLOUD_ARMOR.
Corresponds to the JSON property redirectOptions
55559 55560 55561 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55559 def @redirect_options end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
55566 55567 55568 55569 55570 55571 55572 55573 55574 55575 55576 55577 55578 |
# File 'lib/google/apis/compute_v1/classes.rb', line 55566 def update!(**args) @action = args[:action] if args.key?(:action) @description = args[:description] if args.key?(:description) @header_action = args[:header_action] if args.key?(:header_action) @kind = args[:kind] if args.key?(:kind) @match = args[:match] if args.key?(:match) @network_match = args[:network_match] if args.key?(:network_match) @preconfigured_waf_config = args[:preconfigured_waf_config] if args.key?(:preconfigured_waf_config) @preview = args[:preview] if args.key?(:preview) @priority = args[:priority] if args.key?(:priority) @rate_limit_options = args[:rate_limit_options] if args.key?(:rate_limit_options) @redirect_options = args[:redirect_options] if args.key?(:redirect_options) end |