Reference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy.
Policy for ingress into [ServicePerimeter]
[google.identity.accesscontextmanager.v1.ServicePerimeter].
[IngressPolicies]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
match requests based on ingress_from and ingress_to stanzas. For an
ingress policy to match, both the ingress_from and ingress_to stanzas
must be matched. If an [IngressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
matches a request, the request is allowed through the perimeter boundary
from outside the perimeter.
For example, access from the internet can be allowed either
based on an [AccessLevel]
[google.identity.accesscontextmanager.v1.AccessLevel] or, for traffic
hosted on Google Cloud, the project of the source network. For access from
private networks, using the project of the hosting network is required.
Individual ingress policies can be limited by restricting which
services and/or actions they match using the ingress_to field.
(::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo) — Defines the conditions on the [ApiOperation]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
and request destination that cause this [IngressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
to apply.
value (::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo) — Defines the conditions on the [ApiOperation]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
and request destination that cause this [IngressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
to apply.
Returns
(::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo) — Defines the conditions on the [ApiOperation]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation]
and request destination that cause this [IngressPolicy]
[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy]
to apply.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-09 UTC."],[],[],null,["# Access Context Manager V1 API - Class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy (v0.11.0)\n\nVersion latestkeyboard_arrow_down\n\n- [0.11.0 (latest)](/ruby/docs/reference/google-identity-access_context_manager-v1/latest/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.10.1](/ruby/docs/reference/google-identity-access_context_manager-v1/0.10.1/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.9.0](/ruby/docs/reference/google-identity-access_context_manager-v1/0.9.0/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.8.2](/ruby/docs/reference/google-identity-access_context_manager-v1/0.8.2/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.7.2](/ruby/docs/reference/google-identity-access_context_manager-v1/0.7.2/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.6.0](/ruby/docs/reference/google-identity-access_context_manager-v1/0.6.0/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.5.2](/ruby/docs/reference/google-identity-access_context_manager-v1/0.5.2/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.4.0](/ruby/docs/reference/google-identity-access_context_manager-v1/0.4.0/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.3.0](/ruby/docs/reference/google-identity-access_context_manager-v1/0.3.0/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.2.0](/ruby/docs/reference/google-identity-access_context_manager-v1/0.2.0/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy)\n- [0.1.2](/ruby/docs/reference/google-identity-access_context_manager-v1/0.1.2/Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressPolicy) \nReference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressPolicy.\n\nPolicy for ingress into \\[ServicePerimeter\\]\n\\[google.identity.accesscontextmanager.v1.ServicePerimeter\\].\n\n\n\\[IngressPolicies\\]\n\\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\]\nmatch requests based on `ingress_from` and `ingress_to` stanzas. For an\ningress policy to match, both the `ingress_from` and `ingress_to` stanzas\nmust be matched. If an \\[IngressPolicy\\]\n\\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\]\nmatches a request, the request is allowed through the perimeter boundary\nfrom outside the perimeter.\n\nFor example, access from the internet can be allowed either\nbased on an \\[AccessLevel\\]\n\\[google.identity.accesscontextmanager.v1.AccessLevel\\] or, for traffic\nhosted on Google Cloud, the project of the source network. For access from\nprivate networks, using the project of the hosting network is required.\n\n\u003cbr /\u003e\n\nIndividual ingress policies can be limited by restricting which\nservices and/or actions they match using the `ingress_to` field. \n\nInherits\n--------\n\n- Object \n\nExtended By\n-----------\n\n- Google::Protobuf::MessageExts::ClassMethods \n\nIncludes\n--------\n\n- Google::Protobuf::MessageExts\n\nMethods\n-------\n\n### #ingress_from\n\n def ingress_from() -\u003e ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom\n\n**Returns**\n\n- ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressFrom)) --- Defines the conditions on the source of a request causing this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply.\n\n### #ingress_from=\n\n def ingress_from=(value) -\u003e ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom\n\n**Parameter**\n\n- **value** ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressFrom)) --- Defines the conditions on the source of a request causing this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply. \n**Returns**\n\n- ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressFrom](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressFrom)) --- Defines the conditions on the source of a request causing this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply.\n\n### #ingress_to\n\n def ingress_to() -\u003e ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo\n\n**Returns**\n\n- ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressTo)) --- Defines the conditions on the \\[ApiOperation\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation\\] and request destination that cause this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply.\n\n### #ingress_to=\n\n def ingress_to=(value) -\u003e ::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo\n\n**Parameter**\n\n- **value** ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressTo)) --- Defines the conditions on the \\[ApiOperation\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation\\] and request destination that cause this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply. \n**Returns**\n\n- ([::Google::Identity::AccessContextManager::V1::ServicePerimeterConfig::IngressTo](./Google-Identity-AccessContextManager-V1-ServicePerimeterConfig-IngressTo)) --- Defines the conditions on the \\[ApiOperation\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation\\] and request destination that cause this \\[IngressPolicy\\] \\[google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy\\] to apply."]]