Class: Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From
- Inherits:
-
Object
- Object
- Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/networksecurity/v1/authz_policy.rb
Overview
Describes properties of one or more sources of a request.
Defined Under Namespace
Classes: RequestSource
Instance Attribute Summary collapse
-
#not_sources ⇒ ::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From::RequestSource>
Optional.
-
#sources ⇒ ::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From::RequestSource>
Optional.
Instance Attribute Details
#not_sources ⇒ ::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From::RequestSource>
Returns Optional. Describes the negated properties of request sources. Matches requests from sources that do not match the criteria specified in this field. At least one of sources or notSources must be specified.
311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 |
# File 'proto_docs/google/cloud/networksecurity/v1/authz_policy.rb', line 311 class From include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Describes the properties of a single source. # @!attribute [rw] principals # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::Principal>] # Optional. A list of identities derived from the client's certificate. # This field will not match on a request unless frontend mutual TLS is # enabled for the forwarding rule or Gateway and the client certificate # has been successfully validated by mTLS. # Each identity is a string whose value is matched against a list of # URI SANs, DNS Name SANs, or the common name in the client's # certificate. A match happens when any principal matches with the # rule. Limited to 50 principals per Authorization Policy for regional # internal Application Load Balancers, regional external Application # Load Balancers, cross-region internal Application Load Balancers, and # Cloud Service Mesh. This field is not supported for global external # Application Load Balancers. # @!attribute [rw] ip_blocks # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::IpBlock>] # Optional. A list of IP addresses or IP address ranges to match # against the source IP address of the request. Limited to 10 ip_blocks # per Authorization Policy # @!attribute [rw] resources # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::RequestResource>] # Optional. A list of resources to match against the resource of the # source VM of a request. Limited to 10 resources per Authorization # Policy. class RequestSource include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#sources ⇒ ::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::From::RequestSource>
Returns Optional. Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 1 source. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.
311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 |
# File 'proto_docs/google/cloud/networksecurity/v1/authz_policy.rb', line 311 class From include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Describes the properties of a single source. # @!attribute [rw] principals # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::Principal>] # Optional. A list of identities derived from the client's certificate. # This field will not match on a request unless frontend mutual TLS is # enabled for the forwarding rule or Gateway and the client certificate # has been successfully validated by mTLS. # Each identity is a string whose value is matched against a list of # URI SANs, DNS Name SANs, or the common name in the client's # certificate. A match happens when any principal matches with the # rule. Limited to 50 principals per Authorization Policy for regional # internal Application Load Balancers, regional external Application # Load Balancers, cross-region internal Application Load Balancers, and # Cloud Service Mesh. This field is not supported for global external # Application Load Balancers. # @!attribute [rw] ip_blocks # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::IpBlock>] # Optional. A list of IP addresses or IP address ranges to match # against the source IP address of the request. Limited to 10 ip_blocks # per Authorization Policy # @!attribute [rw] resources # @return [::Array<::Google::Cloud::NetworkSecurity::V1::AuthzPolicy::AuthzRule::RequestResource>] # Optional. A list of resources to match against the resource of the # source VM of a request. Limited to 10 resources per Authorization # Policy. class RequestSource include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |