Class: Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client

Inherits:

Object

• Object
• Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client

Defined in:

lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb

Overview

REST client for the OrganizationSecurityPolicies service.

The OrganizationSecurityPolicies API.

Defined Under Namespace

Classes: Configuration

Instance Attribute Summary

• #global_organization_operations ⇒ ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::Client readonly

  Get the associated client for long-running operations via GlobalOrganizationOperations.

Class Method Summary

• .configure {|config| ... } ⇒ Client::Configuration

  Configure the OrganizationSecurityPolicies Client class.

Instance Method Summary

• #add_association(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Inserts an association for the specified security policy.

• #add_rule(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Inserts a rule into a security policy.

• #configure {|config| ... } ⇒ Client::Configuration

  Configure the OrganizationSecurityPolicies Client instance.

• #copy_rules(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Copies rules to the specified security policy.

• #delete(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Deletes the specified policy.

• #get(request, options = nil) {|result, operation| ... } ⇒ ::Google::Cloud::Compute::V1::SecurityPolicy

  List all of the ordered rules present in a single specified policy.

• #get_association(request, options = nil) {|result, operation| ... } ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyAssociation

  Gets an association with the specified name.

• #get_rule(request, options = nil) {|result, operation| ... } ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyRule

  Gets a rule at the specified priority.

• #initialize {|config| ... } ⇒ Client constructor

  Create a new OrganizationSecurityPolicies REST client object.

• #insert(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Creates a new policy in the specified organization using the data included in the request.

• #list(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>

  List all the policies that have been configured for the specified organization.

• #list_associations(request, options = nil) {|result, operation| ... } ⇒ ::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse

  Lists associations of a specified target, i.e., organization or folder.

• #list_preconfigured_expression_sets(request, options = nil) {|result, operation| ... } ⇒ ::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse

  Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

• #logger ⇒ Logger

  The logger used for request/response debug logging.

• #move(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Moves the specified security policy.

• #patch(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Patches the specified policy with the data included in the request.

• #patch_rule(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Patches a rule at the specified priority.

• #remove_association(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Removes an association for the specified security policy.

• #remove_rule(request, options = nil) {|result, operation| ... } ⇒ ::Gapic::GenericLRO::Operation

  Deletes a rule at the specified priority.

• #universe_domain ⇒ String

  The effective universe domain.

Constructor Details

#initialize {|config| ... } ⇒ Client

Create a new OrganizationSecurityPolicies REST client object.

Examples:

# Create a client using the default configuration
client = ::Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a client using a custom configuration
client = ::Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new do |config|
  config.timeout = 10.0
end

Yields:

• (config) —

  Configure the OrganizationSecurityPolicies client.

Yield Parameters:

• config (Client::Configuration)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 175

def initialize
  # Create the configuration object
  @config = Configuration.new Client.configure

  # Yield the configuration if needed
  yield @config if block_given?

  # Create credentials
  credentials = @config.credentials
  # Use self-signed JWT if the endpoint is unchanged from default,
  # but only if the default endpoint does not have a region prefix.
  enable_self_signed_jwt = @config.endpoint.nil? ||
                           (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
                           !@config.endpoint.split(".").first.include?("-"))
  credentials ||= Credentials.default scope: @config.scope,
                                      enable_self_signed_jwt: enable_self_signed_jwt
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
    credentials = Credentials.new credentials, scope: @config.scope
  end

  @quota_project_id = @config.quota_project
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id

  @global_organization_operations = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::Client.new do |config|
    config.credentials = credentials
    config.quota_project = @quota_project_id
    config.endpoint = @config.endpoint
    config.universe_domain = @config.universe_domain
  end

  @organization_security_policies_stub = ::Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::ServiceStub.new(
    endpoint: @config.endpoint,
    endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
    universe_domain: @config.universe_domain,
    credentials: credentials,
    logger: @config.logger
  )

  @organization_security_policies_stub.logger(stub: true)&.info do |entry|
    entry.set_system_name
    entry.set_service
    entry.message = "Created client for #{entry.service}"
    entry.set_credentials_fields credentials
    entry.set "customEndpoint", @config.endpoint if @config.endpoint
    entry.set "defaultTimeout", @config.timeout if @config.timeout
    entry.set "quotaProject", @quota_project_id if @quota_project_id
  end
end

Instance Attribute Details

#global_organization_operations ⇒ ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::Client (readonly)

Get the associated client for long-running operations via GlobalOrganizationOperations.

Returns:

• (::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::Client)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 229

def global_organization_operations
  @global_organization_operations
end

Class Method Details

.configure {|config| ... } ⇒ Client::Configuration

Configure the OrganizationSecurityPolicies Client class.

See Configuration for a description of the configuration fields.

Examples:

# Modify the configuration for all OrganizationSecurityPolicies clients
::Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.configure do |config|
  config.timeout = 10.0
end

Yields:

• (config) —

  Configure the Client client.

Yield Parameters:

• config (Client::Configuration)

Returns:

• (Client::Configuration)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 63

def self.configure
  @configure ||= begin
    namespace = ["Google", "Cloud", "Compute", "V1"]
    parent_config = while namespace.any?
                      parent_name = namespace.join "::"
                      parent_const = const_get parent_name
                      break parent_const.configure if parent_const.respond_to? :configure
                      namespace.pop
                    end
    default_config = Client::Configuration.new parent_config

    default_config.rpcs.add_association.timeout = 600.0

    default_config.rpcs.add_rule.timeout = 600.0

    default_config.rpcs.copy_rules.timeout = 600.0

    default_config.rpcs.delete.timeout = 600.0

    default_config.rpcs.get.timeout = 600.0
    default_config.rpcs.get.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.get_association.timeout = 600.0
    default_config.rpcs.get_association.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.get_rule.timeout = 600.0
    default_config.rpcs.get_rule.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.insert.timeout = 600.0

    default_config.rpcs.list.timeout = 600.0
    default_config.rpcs.list.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.list_associations.timeout = 600.0
    default_config.rpcs.list_associations.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.list_preconfigured_expression_sets.timeout = 600.0
    default_config.rpcs.list_preconfigured_expression_sets.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.move.timeout = 600.0

    default_config.rpcs.patch.timeout = 600.0

    default_config.rpcs.patch_rule.timeout = 600.0

    default_config.rpcs.remove_association.timeout = 600.0

    default_config.rpcs.remove_rule.timeout = 600.0

    default_config
  end
  yield @configure if block_given?
  @configure
end

Instance Method Details

#add_association(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #add_association(replace_existing_association: nil, request_id: nil, security_policy: nil, security_policy_association_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

Inserts an association for the specified security policy.

This has billing implications. Projects in the hierarchy with effective hierarchical security policies will be automatically enrolled into Cloud Armor Enterprise if not already enrolled.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.addAssociation instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::AddAssociationOrganizationSecurityPolicyRequest.new

# Call the add_association method.
result = client.add_association request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #add_association(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to add_association via a request object, either of type AddAssociationOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::AddAssociationOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #add_association(replace_existing_association: nil, request_id: nil, security_policy: nil, security_policy_association_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to add_association via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • replace_existing_association (::Boolean) (defaults to: nil) —

    Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

  • security_policy_association_resource (::Google::Cloud::Compute::V1::SecurityPolicyAssociation, ::Hash) (defaults to: nil) —

    The body resource for this request

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 314

def add_association request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::AddAssociationOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.add_association.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.add_association.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.add_association.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.add_association request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#add_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #add_rule(request_id: nil, security_policy: nil, security_policy_rule_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

Inserts a rule into a security policy.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.addRule instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::AddRuleOrganizationSecurityPolicyRequest.new

# Call the add_rule method.
result = client.add_rule request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #add_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to add_rule via a request object, either of type AddRuleOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::AddRuleOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #add_rule(request_id: nil, security_policy: nil, security_policy_rule_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to add_rule via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

  • security_policy_rule_resource (::Google::Cloud::Compute::V1::SecurityPolicyRule, ::Hash) (defaults to: nil) —

    The body resource for this request

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 419

def add_rule request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::AddRuleOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.add_rule.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.add_rule.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.add_rule.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.add_rule request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#configure {|config| ... } ⇒ Client::Configuration

Configure the OrganizationSecurityPolicies Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on configure.

See Configuration for a description of the configuration fields.

Yields:

• (config) —

  Configure the Client client.

Yield Parameters:

• config (Client::Configuration)

Returns:

• (Client::Configuration)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 145

def configure
  yield @config if block_given?
  @config
end

#copy_rules(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #copy_rules(request_id: nil, security_policy: nil, source_security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

Copies rules to the specified security policy.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.cloneRules instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::CopyRulesOrganizationSecurityPolicyRequest.new

# Call the copy_rules method.
result = client.copy_rules request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #copy_rules(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to copy_rules via a request object, either of type CopyRulesOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::CopyRulesOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #copy_rules(request_id: nil, security_policy: nil, source_security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to copy_rules via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

  • source_security_policy (::String) (defaults to: nil) —

    The security policy from which to copy rules.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 525

def copy_rules request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::CopyRulesOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.copy_rules.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.copy_rules.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.copy_rules.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.copy_rules request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #delete(request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

Deletes the specified policy.

Use this API to remove Cloud Armor policies. Previously, alpha and beta versions of this API were used to remove firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.delete instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::DeleteOrganizationSecurityPolicyRequest.new

# Call the delete method.
result = client.delete request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #delete(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to delete via a request object, either of type DeleteOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::DeleteOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #delete(request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to delete via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to delete.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 628

def delete request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::DeleteOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.delete request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicy #get(security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicy

List all of the ordered rules present in a single specified policy.

Use this API to read Cloud Armor policies. Previously, alpha and beta versions of this API were used to read firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.get instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::GetOrganizationSecurityPolicyRequest.new

# Call the get method.
result = client.get request

# The returned object is of type Google::Cloud::Compute::V1::SecurityPolicy.
p result

Overloads:

• #get(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicy

  Pass arguments to get via a request object, either of type GetOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::GetOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #get(security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicy

  Pass arguments to get via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to get.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Google::Cloud::Compute::V1::SecurityPolicy)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Google::Cloud::Compute::V1::SecurityPolicy)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 717

def get request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::GetOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.get request, options do |result, operation|
    yield result, operation if block_given?
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_association(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyAssociation #get_association(name: nil, security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyAssociation

Gets an association with the specified name.

Use this API to read Cloud Armor policies. Previously, alpha and beta versions of this API were used to read firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.getAssociation instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::GetAssociationOrganizationSecurityPolicyRequest.new

# Call the get_association method.
result = client.get_association request

# The returned object is of type Google::Cloud::Compute::V1::SecurityPolicyAssociation.
p result

Overloads:

• #get_association(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyAssociation

  Pass arguments to get_association via a request object, either of type GetAssociationOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::GetAssociationOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #get_association(name: nil, security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyAssociation

  Pass arguments to get_association via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    The name of the association to get from the security policy.

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to which the queried rule belongs.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Google::Cloud::Compute::V1::SecurityPolicyAssociation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Google::Cloud::Compute::V1::SecurityPolicyAssociation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 802

def get_association request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::GetAssociationOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_association.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_association.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_association.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.get_association request, options do |result, operation|
    yield result, operation if block_given?
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_rule(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyRule #get_rule(priority: nil, security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyRule

Gets a rule at the specified priority.

Use this API to read Cloud Armor policies. Previously, alpha and beta versions of this API were used to read firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.getRule instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::GetRuleOrganizationSecurityPolicyRequest.new

# Call the get_rule method.
result = client.get_rule request

# The returned object is of type Google::Cloud::Compute::V1::SecurityPolicyRule.
p result

Overloads:

• #get_rule(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyRule

  Pass arguments to get_rule via a request object, either of type GetRuleOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::GetRuleOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #get_rule(priority: nil, security_policy: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPolicyRule

  Pass arguments to get_rule via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • priority (::Integer) (defaults to: nil) —

    The priority of the rule to get from the security policy.

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to which the queried rule belongs.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Google::Cloud::Compute::V1::SecurityPolicyRule)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Google::Cloud::Compute::V1::SecurityPolicyRule)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 886

def get_rule request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::GetRuleOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_rule.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_rule.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_rule.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.get_rule request, options do |result, operation|
    yield result, operation if block_given?
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#insert(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #insert(parent_id: nil, request_id: nil, security_policy_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

Creates a new policy in the specified organization using the data included in the request.

Use this API to add Cloud Armor policies. Previously, alpha and beta versions of this API were used to add firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.insert instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::InsertOrganizationSecurityPolicyRequest.new

# Call the insert method.
result = client.insert request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #insert(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to insert via a request object, either of type InsertOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::InsertOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #insert(parent_id: nil, request_id: nil, security_policy_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to insert via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent_id (::String) (defaults to: nil) —

    Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy_resource (::Google::Cloud::Compute::V1::SecurityPolicy, ::Hash) (defaults to: nil) —

    The body resource for this request

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 987

def insert request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::InsertOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.insert.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.insert.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.insert.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.insert request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {
        "parent_id" => request.parent_id
      },
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy> #list(filter: nil, max_results: nil, order_by: nil, page_token: nil, parent_id: nil, return_partial_success: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>

List all the policies that have been configured for the specified organization.

Use this API to read Cloud Armor policies. Previously, alpha and beta versions of this API were used to read firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.list instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::ListOrganizationSecurityPoliciesRequest.new

# Call the list method.
result = client.list request

# The returned object is of type Google::Cloud::Compute::V1::SecurityPolicyList.
p result

Overloads:

• #list(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>

  Pass arguments to list via a request object, either of type ListOrganizationSecurityPoliciesRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::ListOrganizationSecurityPoliciesRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #list(filter: nil, max_results: nil, order_by: nil, page_token: nil, parent_id: nil, return_partial_success: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>

  Pass arguments to list via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • filter (::String) (defaults to: nil) —

    A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. These two types of filter expressions cannot be mixed in one request.

    If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either =, !=, >, <, <=, >= or :.

    For example, if you are filtering Compute Engine instances, you can exclude instances named example-instance by specifying name != example-instance.

    The :* comparison can be used to test whether a key has been defined. For example, to find all objects with owner label use:

    labels.owner:*
    

    You can also filter nested fields. For example, you could specify scheduling.automaticRestart = false to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based onresource labels.

    To filter on multiple expressions, provide each separate expression within parentheses. For example:

    (scheduling.automaticRestart = true)
    (cpuPlatform = "Intel Skylake")
    

    By default, each expression is an AND expression. However, you can include AND and OR expressions explicitly. For example:

    (cpuPlatform = "Intel Skylake") OR
    (cpuPlatform = "Intel Broadwell") AND
    (scheduling.automaticRestart = true)
    

    If you want to use a regular expression, use the eq (equal) or ne (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples:

    fieldname eq unquoted literal fieldname eq 'single quoted literal' fieldname eq "double quoted literal" (fieldname1 eq literal) (fieldname2 ne "literal")

    The literal value is interpreted as a regular expression using GoogleRE2 library syntax. The literal value must match the entire field.

    For example, to filter for instances that do not end with name "instance", you would use name ne .*instance.

    You cannot combine constraints on multiple fields using regular expressions.

  • max_results (::Integer) (defaults to: nil) —

    The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)

  • order_by (::String) (defaults to: nil) —

    Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.

    You can also sort results in descending order based on the creation timestamp using orderBy="creationTimestamp desc". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.

    Currently, only sorting by name or creationTimestamp desc is supported.

  • page_token (::String) (defaults to: nil) —

    Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.

  • parent_id (::String) (defaults to: nil) —

    Parent ID for this request.

  • return_partial_success (::Boolean) (defaults to: nil) —

    Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.

    For example, when partial success behavior is enabled, aggregatedList for a single zone scope either returns all resources in the zone or no resources, with an error code.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::Rest::PagedEnumerable<::Google::Cloud::Compute::V1::SecurityPolicy>)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1167

def list request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::ListOrganizationSecurityPoliciesRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.list request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @organization_security_policies_stub, :list, "items", request, result, options
    yield result, operation if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_associations(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse #list_associations(target_resource: nil) ⇒ ::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse

Lists associations of a specified target, i.e., organization or folder.

Use this API to read Cloud Armor policies. Previously, alpha and beta versions of this API were used to read firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.listAssociations instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::ListAssociationsOrganizationSecurityPolicyRequest.new

# Call the list_associations method.
result = client.list_associations request

# The returned object is of type Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse.
p result

Overloads:

• #list_associations(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse

  Pass arguments to list_associations via a request object, either of type ListAssociationsOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::ListAssociationsOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #list_associations(target_resource: nil) ⇒ ::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse

  Pass arguments to list_associations via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • target_resource (::String) (defaults to: nil) —

    The target resource to list associations. It is an organization, or a folder.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Google::Cloud::Compute::V1::OrganizationSecurityPoliciesListAssociationsResponse)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1253

def list_associations request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::ListAssociationsOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_associations.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_associations.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_associations.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.list_associations request, options do |result, operation|
    yield result, operation if block_given?
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_preconfigured_expression_sets(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse #list_preconfigured_expression_sets(filter: nil, max_results: nil, order_by: nil, page_token: nil, parent_id: nil, return_partial_success: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse

Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::ListPreconfiguredExpressionSetsOrganizationSecurityPoliciesRequest.new

# Call the list_preconfigured_expression_sets method.
result = client.list_preconfigured_expression_sets request

# The returned object is of type Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse.
p result

Overloads:

• #list_preconfigured_expression_sets(request, options = nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse

  Pass arguments to list_preconfigured_expression_sets via a request object, either of type ListPreconfiguredExpressionSetsOrganizationSecurityPoliciesRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::ListPreconfiguredExpressionSetsOrganizationSecurityPoliciesRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #list_preconfigured_expression_sets(filter: nil, max_results: nil, order_by: nil, page_token: nil, parent_id: nil, return_partial_success: nil) ⇒ ::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse

  Pass arguments to list_preconfigured_expression_sets via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • filter (::String) (defaults to: nil) —

    A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. These two types of filter expressions cannot be mixed in one request.

    If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either =, !=, >, <, <=, >= or :.

    For example, if you are filtering Compute Engine instances, you can exclude instances named example-instance by specifying name != example-instance.

    The :* comparison can be used to test whether a key has been defined. For example, to find all objects with owner label use:

    labels.owner:*
    

    You can also filter nested fields. For example, you could specify scheduling.automaticRestart = false to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based onresource labels.

    To filter on multiple expressions, provide each separate expression within parentheses. For example:

    (scheduling.automaticRestart = true)
    (cpuPlatform = "Intel Skylake")
    

    By default, each expression is an AND expression. However, you can include AND and OR expressions explicitly. For example:

    (cpuPlatform = "Intel Skylake") OR
    (cpuPlatform = "Intel Broadwell") AND
    (scheduling.automaticRestart = true)
    

    If you want to use a regular expression, use the eq (equal) or ne (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples:

    fieldname eq unquoted literal fieldname eq 'single quoted literal' fieldname eq "double quoted literal" (fieldname1 eq literal) (fieldname2 ne "literal")

    The literal value is interpreted as a regular expression using GoogleRE2 library syntax. The literal value must match the entire field.

    For example, to filter for instances that do not end with name "instance", you would use name ne .*instance.

    You cannot combine constraints on multiple fields using regular expressions.

  • max_results (::Integer) (defaults to: nil) —

    The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)

  • order_by (::String) (defaults to: nil) —

    Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.

    You can also sort results in descending order based on the creation timestamp using orderBy="creationTimestamp desc". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.

    Currently, only sorting by name or creationTimestamp desc is supported.

  • page_token (::String) (defaults to: nil) —

    Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.

  • parent_id (::String) (defaults to: nil) —

    Parent ID for this request.

  • return_partial_success (::Boolean) (defaults to: nil) —

    Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.

    For example, when partial success behavior is enabled, aggregatedList for a single zone scope either returns all resources in the zone or no resources, with an error code.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Google::Cloud::Compute::V1::SecurityPoliciesListPreconfiguredExpressionSetsResponse)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1420

def list_preconfigured_expression_sets request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::ListPreconfiguredExpressionSetsOrganizationSecurityPoliciesRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_preconfigured_expression_sets.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_preconfigured_expression_sets.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_preconfigured_expression_sets.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.list_preconfigured_expression_sets request, options do |result, operation|
    yield result, operation if block_given?
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#logger ⇒ Logger

The logger used for request/response debug logging.

Returns:

• (Logger)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 236

def logger
  @organization_security_policies_stub.logger
end

#move(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #move(parent_id: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

Moves the specified security policy.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.move instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::MoveOrganizationSecurityPolicyRequest.new

# Call the move method.
result = client.move request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #move(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to move via a request object, either of type MoveOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::MoveOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #move(parent_id: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to move via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent_id (::String) (defaults to: nil) —

    The new parent of the security policy.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1518

def move request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::MoveOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.move.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.move.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.move.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.move request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {
        "parent_id" => request.parent_id
      },
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#patch(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #patch(request_id: nil, security_policy: nil, security_policy_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

Patches the specified policy with the data included in the request.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.patch instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::PatchOrganizationSecurityPolicyRequest.new

# Call the patch method.
result = client.patch request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #patch(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to patch via a request object, either of type PatchOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::PatchOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #patch(request_id: nil, security_policy: nil, security_policy_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to patch via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

  • security_policy_resource (::Google::Cloud::Compute::V1::SecurityPolicy, ::Hash) (defaults to: nil) —

    The body resource for this request

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1625

def patch request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::PatchOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.patch.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.patch.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.patch.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.patch request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#patch_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #patch_rule(priority: nil, request_id: nil, security_policy: nil, security_policy_rule_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

Patches a rule at the specified priority.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.patchRule instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::PatchRuleOrganizationSecurityPolicyRequest.new

# Call the patch_rule method.
result = client.patch_rule request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #patch_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to patch_rule via a request object, either of type PatchRuleOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::PatchRuleOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #patch_rule(priority: nil, request_id: nil, security_policy: nil, security_policy_rule_resource: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to patch_rule via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • priority (::Integer) (defaults to: nil) —

    The priority of the rule to patch.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

  • security_policy_rule_resource (::Google::Cloud::Compute::V1::SecurityPolicyRule, ::Hash) (defaults to: nil) —

    The body resource for this request

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1733

def patch_rule request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::PatchRuleOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.patch_rule.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.patch_rule.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.patch_rule.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.patch_rule request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#remove_association(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #remove_association(name: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

Removes an association for the specified security policy.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.removeAssociation instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::RemoveAssociationOrganizationSecurityPolicyRequest.new

# Call the remove_association method.
result = client.remove_association request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #remove_association(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to remove_association via a request object, either of type RemoveAssociationOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::RemoveAssociationOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #remove_association(name: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to remove_association via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Name for the attachment that will be removed.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1839

def remove_association request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::RemoveAssociationOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.remove_association.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.remove_association.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.remove_association.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.remove_association request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#remove_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation #remove_rule(priority: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

Deletes a rule at the specified priority.

Use this API to modify Cloud Armor policies. Previously, alpha and beta versions of this API were used to modify firewall policies. This usage is now disabled for most organizations. Use firewallPolicies.removeRule instead.

Examples:

Basic example

require "google/cloud/compute/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Cloud::Compute::V1::OrganizationSecurityPolicies::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Cloud::Compute::V1::RemoveRuleOrganizationSecurityPolicyRequest.new

# Call the remove_rule method.
result = client.remove_rule request

# The returned object is of type Google::Cloud::Compute::V1::Operation.
p result

Overloads:

• #remove_rule(request, options = nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to remove_rule via a request object, either of type RemoveRuleOrganizationSecurityPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Cloud::Compute::V1::RemoveRuleOrganizationSecurityPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

• #remove_rule(priority: nil, request_id: nil, security_policy: nil) ⇒ ::Gapic::GenericLRO::Operation

  Pass arguments to remove_rule via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • priority (::Integer) (defaults to: nil) —

    The priority of the rule to remove from the security policy.

  • request_id (::String) (defaults to: nil) —

    An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.

    For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.

    The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

  • security_policy (::String) (defaults to: nil) —

    Name of the security policy to update.

Yields:

• (result, operation) —

  Access the result along with the TransportOperation object

Yield Parameters:

• result (::Gapic::GenericLRO::Operation)
• operation (::Gapic::Rest::TransportOperation)

Returns:

• (::Gapic::GenericLRO::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the REST call is aborted.

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 1945

def remove_rule request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Compute::V1::RemoveRuleOrganizationSecurityPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.remove_rule.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Compute::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.remove_rule.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.remove_rule.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @organization_security_policies_stub.remove_rule request, options do |result, response|
    result = ::Google::Cloud::Compute::V1::GlobalOrganizationOperations::Rest::NonstandardLro.create_operation(
      operation: result,
      client: global_organization_operations,
      request_values: {},
      options: options
    )
    yield result, response if block_given?
    throw :response, result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#universe_domain ⇒ String

The effective universe domain

Returns:

• (String)

# File 'lib/google/cloud/compute/v1/organization_security_policies/rest/client.rb', line 155

def universe_domain
  @organization_security_policies_stub.universe_domain
end