Service Perimeter Egress Policy Args
Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter. EgressPolicies match requests based on egressFrom and egressTo stanzas. For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset).
Note: By default, updates to this resource will remove the EgressPolicy from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy is added before the old one is removed, add a lifecycle block with create_before_destroy = true to this resource.
To get more information about ServicePerimeterEgressPolicy, see:
Example Usage
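The following Terraform configuration is an added example, not taken from the provider's own documentation. It shows a narrowly scoped egress policy for the Cloud Storage read case described above, together with the lifecycle block from the note. POLICY_ID, PERIMETER_NAME, SA_NAME, PROJECT_ID and EXTERNAL_PROJECT_NUMBER are placeholders, and the resource label read_external_bucket is hypothetical.

```hcl
# Added example: all identifiers are placeholders, not values from this page.
resource "google_access_context_manager_service_perimeter_egress_policy" "read_external_bucket" {
  # Full name of the existing service perimeter this policy is attached to.
  perimeter = "accessPolicies/POLICY_ID/servicePerimeters/PERIMETER_NAME"

  # egressFrom: which caller inside the perimeter may originate the request.
  # A single named service account is listed here; setting
  # identity_type = "ANY_IDENTITY" instead would match every caller.
  egress_from {
    identities = ["serviceAccount:SA_NAME@PROJECT_ID.iam.gserviceaccount.com"]
  }

  # egressTo: which outside resources and API operations may be reached.
  # Both egress_from and egress_to must match for the request to be allowed
  # across the perimeter boundary.
  egress_to {
    # Only one external project, not "*".
    resources = ["projects/EXTERNAL_PROJECT_NUMBER"]

    operations {
      service_name = "storage.googleapis.com"

      # Read-only object access; method = "*" would also permit writes,
      # which turns the policy into a data exfiltration path.
      method_selectors {
        method = "google.storage.objects.get"
      }
      method_selectors {
        method = "google.storage.objects.list"
      }
    }
  }

  # Without this, an update removes the old policy before the new one is
  # added, leaving a window in which the egress rule is absent.
  lifecycle {
    create_before_destroy = true
  }
}
```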
Constructors
Properties
Defines conditions on the source of a request causing this EgressPolicy to apply. Structure is documented below.
Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply. Structure is documented below.