Class: Google::Apis::NetworkservicesV1beta1::AuthzExtension

Inherits:

Object

• Object
• Google::Apis::NetworkservicesV1beta1::AuthzExtension

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/networkservices_v1beta1/classes.rb,
lib/google/apis/networkservices_v1beta1/representations.rb,
lib/google/apis/networkservices_v1beta1/representations.rb

Overview

AuthzExtension is a resource that allows traffic forwarding to a callout backend service to make an authorization decision.

Instance Attribute Summary

• #authority ⇒ String

  Optional.

• #create_time ⇒ String

  Output only.

• #description ⇒ String

  Optional.

• #fail_open ⇒ Boolean (also: #fail_open?)

  Optional.

• #forward_attributes ⇒ Array<String>

  Optional.

• #forward_headers ⇒ Array<String>

  Optional.

• #labels ⇒ Hash<String,String>

  Optional.

• #load_balancing_scheme ⇒ String

  Optional.

• #metadata ⇒ Hash<String,Object>

  Optional.

• #name ⇒ String

  Required.

• #service ⇒ String

  Required.

• #timeout ⇒ String

  Required.

• #update_time ⇒ String

  Output only.

• #wire_format ⇒ String

  Optional.

Instance Method Summary

• #initialize(**args) ⇒ AuthzExtension constructor

  A new instance of AuthzExtension.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ AuthzExtension

Returns a new instance of AuthzExtension.

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 387

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#authority ⇒ String

Optional. The :authority header in the gRPC request sent from Envoy to the extension service. It is required when the service field points to a backend service or a wasm plugin. Corresponds to the JSON property authority

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 279

def authority
  @authority
end

#create_time ⇒ String

Output only. The timestamp when the resource was created. Corresponds to the JSON property createTime

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 284

def create_time
  @create_time
end

#description ⇒ String

Optional. A human-readable description of the resource. Corresponds to the JSON property description

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 289

def description
  @description
end

#fail_open ⇒ Boolean Also known as: fail_open?

Optional. Determines how the proxy behaves if the call to the extension fails or times out. When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE or the default setting of FALSE is used, one of the following happens: * If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer. * If response headers have been delivered, then the HTTP stream to the downstream client is reset. Corresponds to the JSON property failOpen

Returns:

• (Boolean)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 302

def fail_open
  @fail_open
end

#forward_attributes ⇒ Array<String>

Optional. List of the Envoy attributes to forward to the extension server. The attributes provided here are included as part of the ProcessingRequest. attributes field (of type map), where the keys are the attribute names. Refer to the documentation for the names of attributes that can be forwarded. If omitted, no attributes are sent. Each element is a string indicating the attribute name. Corresponds to the JSON property forwardAttributes

Returns:

• (Array<String>)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 314

def forward_attributes
  @forward_attributes
end

#forward_headers ⇒ Array<String>

Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent. Each element is a string indicating the header name. Corresponds to the JSON property forwardHeaders

Returns:

• (Array<String>)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 321

def forward_headers
  @forward_headers
end

#labels ⇒ Hash<String,String>

Optional. Set of labels associated with the AuthzExtension resource. The format must comply with the requirements for labels for Google Cloud resources. Corresponds to the JSON property labels

Returns:

• (Hash<String,String>)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 328

def labels
  @labels
end

#load_balancing_scheme ⇒ String

Optional. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: INTERNAL_MANAGED, EXTERNAL_MANAGED. Can be omitted for AuthzExtensions that do not reference a backend service. For more information, refer to Backend services overview. Corresponds to the JSON property loadBalancingScheme

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 338

def load_balancing_scheme
  @load_balancing_scheme
end

#metadata ⇒ Hash<String,Object>

Optional. The metadata provided here is included as part of the metadata_context (of type google.protobuf.Struct) in the ProcessingRequest message sent to the extension server. The metadata is available under the namespace com.google.authz_extension.. The following variables are supported in the metadata Struct: forwarding_rule_id - substituted with the forwarding rule's fully qualified resource name. Corresponds to the JSON property metadata

Returns:

• (Hash<String,Object>)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 348

def metadata
  @metadata
end

#name ⇒ String

Required. Identifier. Name of the AuthzExtension resource in the following format: projects/project/locations/location/authzExtensions/ authz_extension`. Corresponds to the JSON propertyname`

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 355

def name
  @name
end

#service ⇒ String

Required. The reference to the service that runs the extension. To configure a callout extension, service must be a fully-qualified reference to a backend service in the format: https://www.googleapis.com/compute/v1/ projects/project/regions/region/backendServices/backendServiceor ` https://www.googleapis.com/compute/v1/projects/`project`/global/ backendServices/`backendService. Corresponds to the JSON property service

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 366

def service
  @service
end

#timeout ⇒ String

Required. Specifies the timeout for each individual message on the stream. The timeout must be between 10-10000 milliseconds. Corresponds to the JSON property timeout

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 372

def timeout
  @timeout
end

#update_time ⇒ String

Output only. The timestamp when the resource was updated. Corresponds to the JSON property updateTime

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 377

def update_time
  @update_time
end

#wire_format ⇒ String

Optional. The format of communication supported by the callout extension. This field is supported only for regional AuthzExtension resources. If not specified, the default value EXT_PROC_GRPC is used. Global AuthzExtension resources use the EXT_PROC_GRPC wire format. Corresponds to the JSON property wireFormat

Returns:

• (String)

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 385

def wire_format
  @wire_format
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/networkservices_v1beta1/classes.rb', line 392

def update!(**args)
  @authority = args[:authority] if args.key?(:authority)
  @create_time = args[:create_time] if args.key?(:create_time)
  @description = args[:description] if args.key?(:description)
  @fail_open = args[:fail_open] if args.key?(:fail_open)
  @forward_attributes = args[:forward_attributes] if args.key?(:forward_attributes)
  @forward_headers = args[:forward_headers] if args.key?(:forward_headers)
  @labels = args[:labels] if args.key?(:labels)
  @load_balancing_scheme = args[:load_balancing_scheme] if args.key?(:load_balancing_scheme)
  @metadata = args[:metadata] if args.key?(:metadata)
  @name = args[:name] if args.key?(:name)
  @service = args[:service] if args.key?(:service)
  @timeout = args[:timeout] if args.key?(:timeout)
  @update_time = args[:update_time] if args.key?(:update_time)
  @wire_format = args[:wire_format] if args.key?(:wire_format)
end