You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
589 lines
30 KiB
589 lines
30 KiB
<html><body>
|
|
<style>
|
|
|
|
body, h1, h2, h3, div, span, p, pre, a {
|
|
margin: 0;
|
|
padding: 0;
|
|
border: 0;
|
|
font-weight: inherit;
|
|
font-style: inherit;
|
|
font-size: 100%;
|
|
font-family: inherit;
|
|
vertical-align: baseline;
|
|
}
|
|
|
|
body {
|
|
font-size: 13px;
|
|
padding: 1em;
|
|
}
|
|
|
|
h1 {
|
|
font-size: 26px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h2 {
|
|
font-size: 24px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h3 {
|
|
font-size: 20px;
|
|
margin-bottom: 1em;
|
|
margin-top: 1em;
|
|
}
|
|
|
|
pre, code {
|
|
line-height: 1.5;
|
|
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
|
|
}
|
|
|
|
pre {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
h1, h2, h3, p {
|
|
font-family: Arial, sans serif;
|
|
}
|
|
|
|
h1, h2, h3 {
|
|
border-bottom: solid #CCC 1px;
|
|
}
|
|
|
|
.toc_element {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
.firstline {
|
|
margin-left: 2 em;
|
|
}
|
|
|
|
.method {
|
|
margin-top: 1em;
|
|
border: solid 1px #CCC;
|
|
padding: 1em;
|
|
background: #EEE;
|
|
}
|
|
|
|
.details {
|
|
font-weight: bold;
|
|
font-size: 14px;
|
|
}
|
|
|
|
</style>
|
|
|
|
<h1><a href="accesscontextmanager_v1beta.html">Access Context Manager API</a> . <a href="accesscontextmanager_v1beta.accessPolicies.html">accessPolicies</a> . <a href="accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html">servicePerimeters</a></h1>
|
|
<h2>Instance Methods</h2>
|
|
<p class="toc_element">
|
|
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Create an Service Perimeter. The</p>
|
|
<p class="toc_element">
|
|
<code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Delete an Service Perimeter by resource</p>
|
|
<p class="toc_element">
|
|
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Get an Service Perimeter by resource</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None)</a></code></p>
|
|
<p class="firstline">List all Service Perimeters for an</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
|
|
<p class="firstline">Retrieves the next page of results.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Update an Service Perimeter. The</p>
|
|
<h3>Method Details</h3>
|
|
<div class="method">
|
|
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
|
|
<pre>Create an Service Perimeter. The
|
|
longrunning operation from this RPC will have a successful status once the
|
|
Service Perimeter has
|
|
propagated to long-lasting storage. Service Perimeters containing
|
|
errors will result in an error response for the first error encountered.
|
|
|
|
Args:
|
|
parent: string, Required. Resource name for the access policy which owns this Service
|
|
Perimeter.
|
|
|
|
Format: `accessPolicies/{policy_id}` (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # `ServicePerimeter` describes a set of GCP resources which can freely import
|
|
# and export data amongst themselves, but not export outside of the
|
|
# `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
|
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
|
|
# project can only belong to a single regular Service Perimeter. Service
|
|
# Perimeter Bridges can contain only GCP projects as members, a single GCP
|
|
# project may belong to multiple Service Perimeter Bridges.
|
|
"status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
|
|
# restricted/unrestricted services and access levels that determine perimeter
|
|
# content and boundaries.
|
|
# specific Service Perimeter configuration.
|
|
"restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. Must
|
|
# contain a list of services. For example, if
|
|
# `storage.googleapis.com` is specified, access to the storage buckets
|
|
# inside the perimeter must meet the perimeter's access restrictions.
|
|
"A String",
|
|
],
|
|
"unrestrictedServices": [ # GCP services that are not subject to the Service Perimeter
|
|
# restrictions. Deprecated. Must be set to a single wildcard "*".
|
|
#
|
|
# The wildcard means that unless explicitly specified by
|
|
# "restricted_services" list, any service is treated as unrestricted.
|
|
"A String",
|
|
],
|
|
"resources": [ # A list of GCP resources that are inside of the service perimeter.
|
|
# Currently only projects are allowed. Format: `projects/{project_number}`
|
|
"A String",
|
|
],
|
|
"accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
|
|
# `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
|
|
# must be in the same policy as this `ServicePerimeter`. Referencing a
|
|
# nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
|
|
# listed, resources within the perimeter can only be accessed via GCP calls
|
|
# with request origins within the perimeter. Example:
|
|
# `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
|
|
# For Service Perimeter Bridge, must be empty.
|
|
"A String",
|
|
],
|
|
},
|
|
"updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
|
|
"description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
|
|
# behavior.
|
|
"title": "A String", # Human readable title. Must be unique within the Policy.
|
|
"perimeterType": "A String", # Perimeter type indicator. A single project is
|
|
# allowed to be a member of single regular perimeter, but multiple service
|
|
# perimeter bridges. A project cannot be a included in a perimeter bridge
|
|
# without being included in regular perimeter. For perimeter bridges,
|
|
# restricted/unrestricted service lists as well as access lists must be
|
|
# empty.
|
|
"createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
|
|
"name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
|
|
# component must begin with a letter and only include alphanumeric and '_'.
|
|
# Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # This resource represents a long-running operation that is the result of a
|
|
# network API call.
|
|
"response": { # The normal response of the operation in case of success. If the original
|
|
# method returns no data on success, such as `Delete`, the response is
|
|
# `google.protobuf.Empty`. If the original method is standard
|
|
# `Get`/`Create`/`Update`, the response should be the resource. For other
|
|
# methods, the response should have the type `XxxResponse`, where `Xxx`
|
|
# is the original method name. For example, if the original method name
|
|
# is `TakeSnapshot()`, the inferred response type is
|
|
# `TakeSnapshotResponse`.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"metadata": { # Service-specific metadata associated with the operation. It typically
|
|
# contains progress information and common metadata such as create time.
|
|
# Some services might not provide such metadata. Any method that returns a
|
|
# long-running operation should document the metadata type, if any.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"done": True or False, # If the value is `false`, it means the operation is still in progress.
|
|
# If `true`, the operation is completed, and either `error` or `response` is
|
|
# available.
|
|
"name": "A String", # The server-assigned name, which is only unique within the same service that
|
|
# originally returns it. If you use the default HTTP mapping, the
|
|
# `name` should be a resource name ending with `operations/{unique_id}`.
|
|
"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
|
|
# different programming environments, including REST APIs and RPC APIs. It is
|
|
# used by [gRPC](https://github.com/grpc). Each `Status` message contains
|
|
# three pieces of data: error code, error message, and error details.
|
|
#
|
|
# You can find out more about this error model and how to work with it in the
|
|
# [API Design Guide](https://cloud.google.com/apis/design/errors).
|
|
"message": "A String", # A developer-facing error message, which should be in English. Any
|
|
# user-facing error message should be localized and sent in the
|
|
# google.rpc.Status.details field, or localized by the client.
|
|
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
|
|
"details": [ # A list of messages that carry the error details. There is a common set of
|
|
# message types for APIs to use.
|
|
{
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
],
|
|
},
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="delete">delete(name, x__xgafv=None)</code>
|
|
<pre>Delete an Service Perimeter by resource
|
|
name. The longrunning operation from this RPC will have a successful status
|
|
once the Service Perimeter has been
|
|
removed from long-lasting storage.
|
|
|
|
Args:
|
|
name: string, Required. Resource name for the Service Perimeter.
|
|
|
|
Format:
|
|
`accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}` (required)
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # This resource represents a long-running operation that is the result of a
|
|
# network API call.
|
|
"response": { # The normal response of the operation in case of success. If the original
|
|
# method returns no data on success, such as `Delete`, the response is
|
|
# `google.protobuf.Empty`. If the original method is standard
|
|
# `Get`/`Create`/`Update`, the response should be the resource. For other
|
|
# methods, the response should have the type `XxxResponse`, where `Xxx`
|
|
# is the original method name. For example, if the original method name
|
|
# is `TakeSnapshot()`, the inferred response type is
|
|
# `TakeSnapshotResponse`.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"metadata": { # Service-specific metadata associated with the operation. It typically
|
|
# contains progress information and common metadata such as create time.
|
|
# Some services might not provide such metadata. Any method that returns a
|
|
# long-running operation should document the metadata type, if any.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"done": True or False, # If the value is `false`, it means the operation is still in progress.
|
|
# If `true`, the operation is completed, and either `error` or `response` is
|
|
# available.
|
|
"name": "A String", # The server-assigned name, which is only unique within the same service that
|
|
# originally returns it. If you use the default HTTP mapping, the
|
|
# `name` should be a resource name ending with `operations/{unique_id}`.
|
|
"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
|
|
# different programming environments, including REST APIs and RPC APIs. It is
|
|
# used by [gRPC](https://github.com/grpc). Each `Status` message contains
|
|
# three pieces of data: error code, error message, and error details.
|
|
#
|
|
# You can find out more about this error model and how to work with it in the
|
|
# [API Design Guide](https://cloud.google.com/apis/design/errors).
|
|
"message": "A String", # A developer-facing error message, which should be in English. Any
|
|
# user-facing error message should be localized and sent in the
|
|
# google.rpc.Status.details field, or localized by the client.
|
|
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
|
|
"details": [ # A list of messages that carry the error details. There is a common set of
|
|
# message types for APIs to use.
|
|
{
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
],
|
|
},
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="get">get(name, x__xgafv=None)</code>
|
|
<pre>Get an Service Perimeter by resource
|
|
name.
|
|
|
|
Args:
|
|
name: string, Required. Resource name for the Service Perimeter.
|
|
|
|
Format:
|
|
`accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}` (required)
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # `ServicePerimeter` describes a set of GCP resources which can freely import
|
|
# and export data amongst themselves, but not export outside of the
|
|
# `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
|
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
|
|
# project can only belong to a single regular Service Perimeter. Service
|
|
# Perimeter Bridges can contain only GCP projects as members, a single GCP
|
|
# project may belong to multiple Service Perimeter Bridges.
|
|
"status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
|
|
# restricted/unrestricted services and access levels that determine perimeter
|
|
# content and boundaries.
|
|
# specific Service Perimeter configuration.
|
|
"restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. Must
|
|
# contain a list of services. For example, if
|
|
# `storage.googleapis.com` is specified, access to the storage buckets
|
|
# inside the perimeter must meet the perimeter's access restrictions.
|
|
"A String",
|
|
],
|
|
"unrestrictedServices": [ # GCP services that are not subject to the Service Perimeter
|
|
# restrictions. Deprecated. Must be set to a single wildcard "*".
|
|
#
|
|
# The wildcard means that unless explicitly specified by
|
|
# "restricted_services" list, any service is treated as unrestricted.
|
|
"A String",
|
|
],
|
|
"resources": [ # A list of GCP resources that are inside of the service perimeter.
|
|
# Currently only projects are allowed. Format: `projects/{project_number}`
|
|
"A String",
|
|
],
|
|
"accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
|
|
# `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
|
|
# must be in the same policy as this `ServicePerimeter`. Referencing a
|
|
# nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
|
|
# listed, resources within the perimeter can only be accessed via GCP calls
|
|
# with request origins within the perimeter. Example:
|
|
# `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
|
|
# For Service Perimeter Bridge, must be empty.
|
|
"A String",
|
|
],
|
|
},
|
|
"updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
|
|
"description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
|
|
# behavior.
|
|
"title": "A String", # Human readable title. Must be unique within the Policy.
|
|
"perimeterType": "A String", # Perimeter type indicator. A single project is
|
|
# allowed to be a member of single regular perimeter, but multiple service
|
|
# perimeter bridges. A project cannot be a included in a perimeter bridge
|
|
# without being included in regular perimeter. For perimeter bridges,
|
|
# restricted/unrestricted service lists as well as access lists must be
|
|
# empty.
|
|
"createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
|
|
"name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
|
|
# component must begin with a letter and only include alphanumeric and '_'.
|
|
# Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None)</code>
|
|
<pre>List all Service Perimeters for an
|
|
access policy.
|
|
|
|
Args:
|
|
parent: string, Required. Resource name for the access policy to list Service Perimeters from.
|
|
|
|
Format:
|
|
`accessPolicies/{policy_id}` (required)
|
|
pageToken: string, Next page token for the next batch of Service Perimeter instances.
|
|
Defaults to the first page of results.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
pageSize: integer, Number of Service Perimeters to include
|
|
in the list. Default 100.
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A response to `ListServicePerimetersRequest`.
|
|
"nextPageToken": "A String", # The pagination token to retrieve the next page of results. If the value is
|
|
# empty, no further results remain.
|
|
"servicePerimeters": [ # List of the Service Perimeter instances.
|
|
{ # `ServicePerimeter` describes a set of GCP resources which can freely import
|
|
# and export data amongst themselves, but not export outside of the
|
|
# `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
|
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
|
|
# project can only belong to a single regular Service Perimeter. Service
|
|
# Perimeter Bridges can contain only GCP projects as members, a single GCP
|
|
# project may belong to multiple Service Perimeter Bridges.
|
|
"status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
|
|
# restricted/unrestricted services and access levels that determine perimeter
|
|
# content and boundaries.
|
|
# specific Service Perimeter configuration.
|
|
"restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. Must
|
|
# contain a list of services. For example, if
|
|
# `storage.googleapis.com` is specified, access to the storage buckets
|
|
# inside the perimeter must meet the perimeter's access restrictions.
|
|
"A String",
|
|
],
|
|
"unrestrictedServices": [ # GCP services that are not subject to the Service Perimeter
|
|
# restrictions. Deprecated. Must be set to a single wildcard "*".
|
|
#
|
|
# The wildcard means that unless explicitly specified by
|
|
# "restricted_services" list, any service is treated as unrestricted.
|
|
"A String",
|
|
],
|
|
"resources": [ # A list of GCP resources that are inside of the service perimeter.
|
|
# Currently only projects are allowed. Format: `projects/{project_number}`
|
|
"A String",
|
|
],
|
|
"accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
|
|
# `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
|
|
# must be in the same policy as this `ServicePerimeter`. Referencing a
|
|
# nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
|
|
# listed, resources within the perimeter can only be accessed via GCP calls
|
|
# with request origins within the perimeter. Example:
|
|
# `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
|
|
# For Service Perimeter Bridge, must be empty.
|
|
"A String",
|
|
],
|
|
},
|
|
"updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
|
|
"description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
|
|
# behavior.
|
|
"title": "A String", # Human readable title. Must be unique within the Policy.
|
|
"perimeterType": "A String", # Perimeter type indicator. A single project is
|
|
# allowed to be a member of single regular perimeter, but multiple service
|
|
# perimeter bridges. A project cannot be a included in a perimeter bridge
|
|
# without being included in regular perimeter. For perimeter bridges,
|
|
# restricted/unrestricted service lists as well as access lists must be
|
|
# empty.
|
|
"createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
|
|
"name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
|
|
# component must begin with a letter and only include alphanumeric and '_'.
|
|
# Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
|
|
},
|
|
],
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
|
|
<pre>Retrieves the next page of results.
|
|
|
|
Args:
|
|
previous_request: The request for the previous page. (required)
|
|
previous_response: The response from the request for the previous page. (required)
|
|
|
|
Returns:
|
|
A request object that you can call 'execute()' on to request the next
|
|
page. Returns None if there are no more items in the collection.
|
|
</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
|
|
<pre>Update an Service Perimeter. The
|
|
longrunning operation from this RPC will have a successful status once the
|
|
changes to the Service Perimeter have
|
|
propagated to long-lasting storage. Service Perimeter containing
|
|
errors will result in an error response for the first error encountered.
|
|
|
|
Args:
|
|
name: string, Required. Resource name for the ServicePerimeter. The `short_name`
|
|
component must begin with a letter and only include alphanumeric and '_'.
|
|
Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}` (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # `ServicePerimeter` describes a set of GCP resources which can freely import
|
|
# and export data amongst themselves, but not export outside of the
|
|
# `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
|
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
|
|
# project can only belong to a single regular Service Perimeter. Service
|
|
# Perimeter Bridges can contain only GCP projects as members, a single GCP
|
|
# project may belong to multiple Service Perimeter Bridges.
|
|
"status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
|
|
# restricted/unrestricted services and access levels that determine perimeter
|
|
# content and boundaries.
|
|
# specific Service Perimeter configuration.
|
|
"restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. Must
|
|
# contain a list of services. For example, if
|
|
# `storage.googleapis.com` is specified, access to the storage buckets
|
|
# inside the perimeter must meet the perimeter's access restrictions.
|
|
"A String",
|
|
],
|
|
"unrestrictedServices": [ # GCP services that are not subject to the Service Perimeter
|
|
# restrictions. Deprecated. Must be set to a single wildcard "*".
|
|
#
|
|
# The wildcard means that unless explicitly specified by
|
|
# "restricted_services" list, any service is treated as unrestricted.
|
|
"A String",
|
|
],
|
|
"resources": [ # A list of GCP resources that are inside of the service perimeter.
|
|
# Currently only projects are allowed. Format: `projects/{project_number}`
|
|
"A String",
|
|
],
|
|
"accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
|
|
# `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
|
|
# must be in the same policy as this `ServicePerimeter`. Referencing a
|
|
# nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
|
|
# listed, resources within the perimeter can only be accessed via GCP calls
|
|
# with request origins within the perimeter. Example:
|
|
# `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
|
|
# For Service Perimeter Bridge, must be empty.
|
|
"A String",
|
|
],
|
|
},
|
|
"updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
|
|
"description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
|
|
# behavior.
|
|
"title": "A String", # Human readable title. Must be unique within the Policy.
|
|
"perimeterType": "A String", # Perimeter type indicator. A single project is
|
|
# allowed to be a member of single regular perimeter, but multiple service
|
|
# perimeter bridges. A project cannot be a included in a perimeter bridge
|
|
# without being included in regular perimeter. For perimeter bridges,
|
|
# restricted/unrestricted service lists as well as access lists must be
|
|
# empty.
|
|
"createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
|
|
"name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
|
|
# component must begin with a letter and only include alphanumeric and '_'.
|
|
# Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
|
|
}
|
|
|
|
updateMask: string, Required. Mask to control which fields get updated. Must be non-empty.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # This resource represents a long-running operation that is the result of a
|
|
# network API call.
|
|
"response": { # The normal response of the operation in case of success. If the original
|
|
# method returns no data on success, such as `Delete`, the response is
|
|
# `google.protobuf.Empty`. If the original method is standard
|
|
# `Get`/`Create`/`Update`, the response should be the resource. For other
|
|
# methods, the response should have the type `XxxResponse`, where `Xxx`
|
|
# is the original method name. For example, if the original method name
|
|
# is `TakeSnapshot()`, the inferred response type is
|
|
# `TakeSnapshotResponse`.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"metadata": { # Service-specific metadata associated with the operation. It typically
|
|
# contains progress information and common metadata such as create time.
|
|
# Some services might not provide such metadata. Any method that returns a
|
|
# long-running operation should document the metadata type, if any.
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
"done": True or False, # If the value is `false`, it means the operation is still in progress.
|
|
# If `true`, the operation is completed, and either `error` or `response` is
|
|
# available.
|
|
"name": "A String", # The server-assigned name, which is only unique within the same service that
|
|
# originally returns it. If you use the default HTTP mapping, the
|
|
# `name` should be a resource name ending with `operations/{unique_id}`.
|
|
"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
|
|
# different programming environments, including REST APIs and RPC APIs. It is
|
|
# used by [gRPC](https://github.com/grpc). Each `Status` message contains
|
|
# three pieces of data: error code, error message, and error details.
|
|
#
|
|
# You can find out more about this error model and how to work with it in the
|
|
# [API Design Guide](https://cloud.google.com/apis/design/errors).
|
|
"message": "A String", # A developer-facing error message, which should be in English. Any
|
|
# user-facing error message should be localized and sent in the
|
|
# google.rpc.Status.details field, or localized by the client.
|
|
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
|
|
"details": [ # A list of messages that carry the error details. There is a common set of
|
|
# message types for APIs to use.
|
|
{
|
|
"a_key": "", # Properties of the object. Contains field @type with type URL.
|
|
},
|
|
],
|
|
},
|
|
}</pre>
|
|
</div>
|
|
|
|
</body></html> |