Identity Access Context Manager v1 API - Class ServicePerimeterConfig (2.3.0)

public sealed class ServicePerimeterConfig : IMessage<ServicePerimeterConfig>, IEquatable<ServicePerimeterConfig>, IDeepCloneable<ServicePerimeterConfig>, IBufferMessage, IMessage

Reference documentation and code samples for the Identity Access Context Manager v1 API class ServicePerimeterConfig.

ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

Inheritance

object > ServicePerimeterConfig

Namespace

Google.Identity.AccessContextManager.V1

Assembly

Google.Identity.AccessContextManager.V1.dll

Constructors

ServicePerimeterConfig()

public ServicePerimeterConfig()

ServicePerimeterConfig(ServicePerimeterConfig)

public ServicePerimeterConfig(ServicePerimeterConfig other)
Parameter
| Name | Description |
| --- | --- |
| other | ServicePerimeterConfig |

Properties

AccessLevels

public RepeatedField<string> AccessLevels { get; }

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.

Property Value
| Type | Description |
| --- | --- |
| RepeatedField<string> | |

EgressPolicies

public RepeatedField<ServicePerimeterConfig.Types.EgressPolicy> EgressPolicies { get; }

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.

Property Value
| Type | Description |
| --- | --- |
| RepeatedField<ServicePerimeterConfig.Types.EgressPolicy> | |

IngressPolicies

public RepeatedField<ServicePerimeterConfig.Types.IngressPolicy> IngressPolicies { get; }

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any IngressPolicy grants it. Must be empty for a perimeter bridge.

Property Value
| Type | Description |
| --- | --- |
| RepeatedField<ServicePerimeterConfig.Types.IngressPolicy> | |

Resources

public RepeatedField<string> Resources { get; }

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

Property Value
| Type | Description |
| --- | --- |
| RepeatedField<string> | |

RestrictedServices

public RepeatedField<string> RestrictedServices { get; }

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

Property Value
| Type | Description |
| --- | --- |
| RepeatedField<string> | |

VpcAccessibleServices

public ServicePerimeterConfig.Types.VpcAccessibleServices VpcAccessibleServices { get; set; }

Configuration for APIs allowed within Perimeter.

Property Value
| Type | Description |
| --- | --- |
| ServicePerimeterConfig.Types.VpcAccessibleServices | |
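
The constraints stated above for Resources, AccessLevels, IngressPolicies and EgressPolicies can be checked locally before a config is submitted. The following C# is an added example, not part of the original reference or of the library; the PerimeterConfigLint class, its Check method and all sample values are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
using Google.Identity.AccessContextManager.V1;

public static class PerimeterConfigLint
{
    // Hypothetical helper (not a library API): returns the documented
    // constraints that `config` violates. `policyName` is "accessPolicies/<id>".
    public static List<string> Check(ServicePerimeterConfig config, string policyName, bool isBridge)
    {
        var problems = new List<string>();

        // Resources: only projects, addressed by number ("projects/{project_number}").
        // A project ID in place of the number is the usual mistake.
        foreach (string r in config.Resources)
            if (!Regex.IsMatch(r, @"^projects/[0-9]+$"))
                problems.Add($"Resources: '{r}' is not projects/{{project_number}}");

        // AccessLevels must be in the same policy as the perimeter.
        string prefix = policyName + "/accessLevels/";
        foreach (string level in config.AccessLevels)
            if (!level.StartsWith(prefix, StringComparison.Ordinal) || level.Length == prefix.Length)
                problems.Add($"AccessLevels: '{level}' is not under {policyName}");

        // A perimeter bridge must leave these three lists empty.
        if (isBridge)
        {
            if (config.AccessLevels.Count > 0) problems.Add("AccessLevels must be empty for a bridge");
            if (config.IngressPolicies.Count > 0) problems.Add("IngressPolicies must be empty for a bridge");
            if (config.EgressPolicies.Count > 0) problems.Add("EgressPolicies must be empty for a bridge");
        }
        return problems;
    }

    public static void Main()
    {
        // Constructed sample values; MY_POLICY and OTHER_POLICY are placeholders.
        var config = new ServicePerimeterConfig
        {
            Resources = { "projects/123456789012", "projects/my-project-id" },
            RestrictedServices = { "storage.googleapis.com" },
            AccessLevels = { "accessPolicies/OTHER_POLICY/accessLevels/MY_LEVEL" },
        };
        foreach (string p in Check(config, "accessPolicies/MY_POLICY", isBridge: false))
            Console.WriteLine(p);
    }
}
```

With the constructed sample, the check reports the project ID used in place of a project number and the access level that belongs to a different policy.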