Package-level declarations
Types
The log type that this config enables.
The asset type of this authorized orgs desc. Valid values are ASSET_TYPE_DEVICE
, and ASSET_TYPE_CREDENTIAL_STRENGTH
.
The direction of the authorization relationship between this organization and the organizations listed in the orgs
field. The valid values for this field include the following: AUTHORIZATION_DIRECTION_FROM
: Allows this organization to evaluate traffic in the organizations listed in the orgs
field. AUTHORIZATION_DIRECTION_TO
: Allows the organizations listed in the orgs
field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying AUTHORIZATION_DIRECTION_TO
as the authorization direction, organizations B and C must specify AUTHORIZATION_DIRECTION_FROM
as the authorization direction in their AuthorizedOrgsDesc
resource.
A granular control type for authorization levels. Valid value is AUTHORIZATION_TYPE_TRUST
.
How the conditions
list should be combined to determine if a request is granted this AccessLevel
. If AND is used, each Condition
in conditions
must be satisfied for the AccessLevel
to be applied. If OR is used, at least one Condition
in conditions
must be satisfied for the AccessLevel
to be applied. Default behavior is AND.
Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of identities
field will be allowed access.
Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of identities
field will be allowed access.
Required. The allowed OS type.
Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.