pulumi-gcp-kotlin/com.pulumi.gcp.accesscontextmanager.kotlin/ServicePerimeterIngressPolicyArgs

ServicePerimeterIngressPolicyArgs

data class ServicePerimeterIngressPolicyArgs(val ingressFrom: Output<ServicePerimeterIngressPolicyIngressFromArgs>? = null, val ingressTo: Output<ServicePerimeterIngressPolicyIngressToArgs>? = null, val perimeter: Output<String>? = null) : ConvertibleToJava<ServicePerimeterIngressPolicyArgs>

Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter. IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/ or actions they match using the ingressTo field.

Note: By default, updates to this resource will remove the IngressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy is added before the old one is removed, add a lifecycle block with create_before_destroy = true to this resource. To get more information about ServicePerimeterIngressPolicy, see: