Class: Google::Apis::ComputeV1::SecurityPolicyRule

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/compute_v1/classes.rb,
lib/google/apis/compute_v1/representations.rb,
lib/google/apis/compute_v1/representations.rb

Overview

Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ SecurityPolicyRule

Returns a new instance of SecurityPolicyRule.



55923
55924
55925
# File 'lib/google/apis/compute_v1/classes.rb', line 55923

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#actionString

The Action to perform when the rule is matched. The following are the valid actions:

  • allow: allow access to target.
  • deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502.
  • rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set.
  • redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR.
  • throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this.
  • fairshare (preview only): when traffic reaches the threshold limit, requests from the clients matching this rule begin to be rate-limited using the Fair Share algorithm. This action is only allowed in security policies of type CLOUD_ARMOR_INTERNAL_SERVICE. Corresponds to the JSON property action

Returns:

  • (String)


55855
55856
55857
# File 'lib/google/apis/compute_v1/classes.rb', line 55855

def action
  @action
end

#descriptionString

An optional description of this resource. Provide this property when you create the resource. Corresponds to the JSON property description

Returns:

  • (String)


55861
55862
55863
# File 'lib/google/apis/compute_v1/classes.rb', line 55861

def description
  @description
end

#header_actionGoogle::Apis::ComputeV1::SecurityPolicyRuleHttpHeaderAction

Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR. Corresponds to the JSON property headerAction



55868
55869
55870
# File 'lib/google/apis/compute_v1/classes.rb', line 55868

def header_action
  @header_action
end

#kindString

Output only. [Output only] Type of the resource. Alwayscompute# securityPolicyRule for security policy rules Corresponds to the JSON property kind

Returns:

  • (String)


55874
55875
55876
# File 'lib/google/apis/compute_v1/classes.rb', line 55874

def kind
  @kind
end

#matchGoogle::Apis::ComputeV1::SecurityPolicyRuleMatcher

Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. Corresponds to the JSON property match



55880
55881
55882
# File 'lib/google/apis/compute_v1/classes.rb', line 55880

def match
  @match
end

#network_matchGoogle::Apis::ComputeV1::SecurityPolicyRuleNetworkMatcher

Represents a match condition that incoming network traffic is evaluated against. Corresponds to the JSON property networkMatch



55886
55887
55888
# File 'lib/google/apis/compute_v1/classes.rb', line 55886

def network_match
  @network_match
end

#preconfigured_waf_configGoogle::Apis::ComputeV1::SecurityPolicyRulePreconfiguredWafConfig

Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. Corresponds to the JSON property preconfiguredWafConfig



55893
55894
55895
# File 'lib/google/apis/compute_v1/classes.rb', line 55893

def preconfigured_waf_config
  @preconfigured_waf_config
end

#previewBoolean Also known as: preview?

If set to true, the specified action is not enforced. Corresponds to the JSON property preview

Returns:

  • (Boolean)


55898
55899
55900
# File 'lib/google/apis/compute_v1/classes.rb', line 55898

def preview
  @preview
end

#priorityFixnum

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. Corresponds to the JSON property priority

Returns:

  • (Fixnum)


55907
55908
55909
# File 'lib/google/apis/compute_v1/classes.rb', line 55907

def priority
  @priority
end

#rate_limit_optionsGoogle::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptions

Must be specified if the action is "rate_based_ban" or "throttle" or "fairshare". Cannot be specified for any other actions. Corresponds to the JSON property rateLimitOptions



55913
55914
55915
# File 'lib/google/apis/compute_v1/classes.rb', line 55913

def rate_limit_options
  @rate_limit_options
end

#redirect_optionsGoogle::Apis::ComputeV1::SecurityPolicyRuleRedirectOptions

Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR. Corresponds to the JSON property redirectOptions



55921
55922
55923
# File 'lib/google/apis/compute_v1/classes.rb', line 55921

def redirect_options
  @redirect_options
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



55928
55929
55930
55931
55932
55933
55934
55935
55936
55937
55938
55939
55940
# File 'lib/google/apis/compute_v1/classes.rb', line 55928

def update!(**args)
  @action = args[:action] if args.key?(:action)
  @description = args[:description] if args.key?(:description)
  @header_action = args[:header_action] if args.key?(:header_action)
  @kind = args[:kind] if args.key?(:kind)
  @match = args[:match] if args.key?(:match)
  @network_match = args[:network_match] if args.key?(:network_match)
  @preconfigured_waf_config = args[:preconfigured_waf_config] if args.key?(:preconfigured_waf_config)
  @preview = args[:preview] if args.key?(:preview)
  @priority = args[:priority] if args.key?(:priority)
  @rate_limit_options = args[:rate_limit_options] if args.key?(:rate_limit_options)
  @redirect_options = args[:redirect_options] if args.key?(:redirect_options)
end