ExternalAccessRule(mapping=None, *, ignore_unknown_fields=False, **kwargs)External access firewall rules for filtering incoming traffic
destined to ExternalAddress resources.
Attributes |
|
|---|---|
| Name | Description |
name |
str
Output only. The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
|
create_time |
google.protobuf.timestamp_pb2.Timestamp
Output only. Creation time of this resource. |
update_time |
google.protobuf.timestamp_pb2.Timestamp
Output only. Last update time of this resource. |
description |
str
User-provided description for this external access rule. |
priority |
int
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence
than a rule with priority 101.
|
action |
google.cloud.vmwareengine_v1.types.ExternalAccessRule.Action
The action that the external access rule performs. |
ip_protocol |
str
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
|
source_ip_ranges |
MutableSequence[google.cloud.vmwareengine_v1.types.ExternalAccessRule.IpRange]
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the
source IP addresses of an external access rule. To match all
source addresses, specify 0.0.0.0/0.
|
source_ports |
MutableSequence[str]
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or
["12345-12349"]. To match all source ports, specify
["0-65535"].
|
destination_ip_ranges |
MutableSequence[google.cloud.vmwareengine_v1.types.ExternalAccessRule.IpRange]
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address,
specify it using the IpRange.external_address property.
|
destination_ports |
MutableSequence[str]
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or
["12345-12349"]. To match all destination ports, specify
["0-65535"].
|
state |
google.cloud.vmwareengine_v1.types.ExternalAccessRule.State
Output only. The state of the resource. |
uid |
str
Output only. System-generated unique identifier for the resource. |
Classes
Action
Action(value)Action determines whether the external access rule permits or blocks traffic, subject to the other components of the rule matching the traffic.
IpRange
IpRange(mapping=None, *, ignore_unknown_fields=False, **kwargs)An IP range provided in any one of the supported formats.
This message has oneof_ fields (mutually exclusive fields).
For each oneof, at most one member field can be set at the same time.
Setting any member of the oneof automatically clears all other
members.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
State
State(value)Defines possible states of external access firewall rules.