class Google::Apis::AccesscontextmanagerV1::EgressTo
Defines the conditions under which an EgressPolicy
matches a request. Conditions are based on information about the ApiOperation
intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter
, then that ServicePerimeter
must have an IngressPolicy
which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.
Attributes
A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom
. A request matches if it uses an operation/ service in this list. Corresponds to the JSON property `operations` @return [Array<Google::Apis::AccesscontextmanagerV1::ApiOperation>]
A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom
. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo
rule will authorize access to all resources outside the perimeter. Corresponds to the JSON property `resources` @return [Array<String>]
Public Class Methods
# File lib/google/apis/accesscontextmanager_v1/classes.rb, line 526 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/accesscontextmanager_v1/classes.rb, line 531 def update!(**args) @operations = args[:operations] if args.key?(:operations) @resources = args[:resources] if args.key?(:resources) end