pulumi-gcp-kotlin/com.pulumi.gcp.accesscontextmanager.kotlin.outputs/ServicePerimetersServicePerimeterSpecEgressPolicyEgressTo

ServicePerimetersServicePerimeterSpecEgressPolicyEgressTo

data class ServicePerimetersServicePerimeterSpecEgressPolicyEgressTo(val externalResources: List<String>? = null, val operations: List<ServicePerimetersServicePerimeterSpecEgressPolicyEgressToOperation>? = null, val resources: List<String>? = null, val roles: List<String>? = null)

Constructors

constructor(externalResources: List<String>? = null, operations: List<ServicePerimetersServicePerimeterSpecEgressPolicyEgressToOperation>? = null, resources: List<String>? = null, roles: List<String>? = null)

Types

Companion

object Companion

Properties

externalResources

val externalResources: List<String>? = null

A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.

operations

val operations: List<ServicePerimetersServicePerimeterSpecEgressPolicyEgressToOperation>? = null

A list of ApiOperations that this egress rule applies to. A request matches if it contains an operation/service in this list. Structure is documented below.

resources

val resources: List<String>? = null

A list of resources, currently only projects in the form projects/<projectnumber>, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this EgressTo rule will authorize access to all resources outside the perimeter.

roles

val roles: List<String>? = null

A list of IAM roles that represent the set of operations that the sources specified in the corresponding EgressFrom are allowed to perform.