pulumi-google-native-kotlin/com.pulumi.googlenative.accesscontextmanager.v1.kotlin.inputs/ServicePerimeterConfigArgs

ServicePerimeterConfigArgs

data class ServicePerimeterConfigArgs(val accessLevels: Output<List<String>>? = null, val egressPolicies: Output<List<EgressPolicyArgs>>? = null, val ingressPolicies: Output<List<IngressPolicyArgs>>? = null, val resources: Output<List<String>>? = null, val restrictedServices: Output<List<String>>? = null, val vpcAccessibleServices: Output<VpcAccessibleServicesArgs>? = null) : ConvertibleToJava<ServicePerimeterConfigArgs>

ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

Constructors

Link copied to clipboard
fun ServicePerimeterConfigArgs(accessLevels: Output<List<String>>? = null, egressPolicies: Output<List<EgressPolicyArgs>>? = null, ingressPolicies: Output<List<IngressPolicyArgs>>? = null, resources: Output<List<String>>? = null, restrictedServices: Output<List<String>>? = null, vpcAccessibleServices: Output<VpcAccessibleServicesArgs>? = null)

Functions

Link copied to clipboard
open override fun toJava(): ServicePerimeterConfigArgs

Properties

Link copied to clipboard
val accessLevels: Output<List<String>>? = null

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.

Link copied to clipboard
val egressPolicies: Output<List<EgressPolicyArgs>>? = null

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.

Link copied to clipboard
val ingressPolicies: Output<List<IngressPolicyArgs>>? = null

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.

Link copied to clipboard
val resources: Output<List<String>>? = null

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: projects/{project_number} VPC network format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}.

Link copied to clipboard
val restrictedServices: Output<List<String>>? = null

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

Link copied to clipboard
val vpcAccessibleServices: Output<VpcAccessibleServicesArgs>? = null

Configuration for APIs allowed within Perimeter.