The type indicates the intended use of the security policy. -
CLOUD_ARMOR: Cloud Armor backend security policies can be configured
to filter incoming HTTP requests targeting backend services. They
filter requests before they hit the origin servers. -
CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be
configured to filter incoming HTTP requests targeting backend
services (including Cloud CDN-enabled) as well as backend buckets
(Cloud Storage). They filter requests before the request is served
from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor
internal service policies can be configured to filter HTTP requests
targeting services managed by Traffic Director in a service mesh.
They filter requests before the request is served from the
application. This field can be set only at resource creation time.