docs/dyn/accesscontextmanager_v1.accessPolicies.servicePerimeters.html

<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="accesscontextmanager_v1.html">Access Context Manager API</a> . <a href="accesscontextmanager_v1.accessPolicies.html">accessPolicies</a> . <a href="accesscontextmanager_v1.accessPolicies.servicePerimeters.html">servicePerimeters</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
<p class="firstline">Create an Service Perimeter. The</p>
<p class="toc_element">
  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
<p class="firstline">Delete an Service Perimeter by resource</p>
<p class="toc_element">
  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Get an Service Perimeter by resource</p>
<p class="toc_element">
  <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None)</a></code></p>
<p class="firstline">List all Service Perimeters for an</p>
<p class="toc_element">
  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
  <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Update an Service Perimeter. The</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="create">create(parent, body, x__xgafv=None)</code>
  <pre>Create an Service Perimeter. The
longrunning operation from this RPC will have a successful status once the
Service Perimeter has
propagated to long-lasting storage. Service Perimeters containing
errors will result in an error response for the first error encountered.

Args:
  parent: string, Required. Resource name for the access policy which owns this Service
Perimeter.

Format: `accessPolicies/{policy_id}` (required)
  body: object, The request body. (required)
    The object takes the form of:

{ # `ServicePerimeter` describes a set of GCP resources which can freely import
      # and export data amongst themselves, but not export outside of the
      # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
      # has a target outside of the `ServicePerimeter`, the request will be blocked.
      # Otherwise the request is allowed. There are two types of Service Perimeter -
      # Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
      # project can only belong to a single regular Service Perimeter. Service
      # Perimeter Bridges can contain only GCP projects as members, a single GCP
      # project may belong to multiple Service Perimeter Bridges.
    "status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
        # restricted services and access levels that determine perimeter
        # content and boundaries.
        # specific Service Perimeter configuration.
      "restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. For
          # example, if `storage.googleapis.com` is specified, access to the storage
          # buckets inside the perimeter must meet the perimeter's access restrictions.
        "A String",
      ],
      "resources": [ # A list of GCP resources that are inside of the service perimeter.
          # Currently only projects are allowed. Format: `projects/{project_number}`
        "A String",
      ],
      "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
          # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
          # must be in the same policy as this `ServicePerimeter`. Referencing a
          # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
          # listed, resources within the perimeter can only be accessed via GCP calls
          # with request origins within the perimeter. Example:
          # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
          # For Service Perimeter Bridge, must be empty.
        "A String",
      ],
    },
    "updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
    "name": "A String", # Required. Resource name for the ServicePerimeter.  The `short_name`
        # component must begin with a letter and only include alphanumeric and '_'.
        # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
    "title": "A String", # Human readable title. Must be unique within the Policy.
    "perimeterType": "A String", # Perimeter type indicator. A single project is
        # allowed to be a member of single regular perimeter, but multiple service
        # perimeter bridges. A project cannot be a included in a perimeter bridge
        # without being included in regular perimeter. For perimeter bridges,
        # the restricted service list as well as access level lists must be
        # empty.
    "createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
    "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
        # behavior.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a
      # network API call.
    "metadata": { # Service-specific metadata associated with the operation.  It typically
        # contains progress information and common metadata such as create time.
        # Some services might not provide such metadata.  Any method that returns a
        # long-running operation should document the metadata type, if any.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
        # different programming environments, including REST APIs and RPC APIs. It is
        # used by [gRPC](https://github.com/grpc). Each `Status` message contains
        # three pieces of data: error code, error message, and error details.
        #
        # You can find out more about this error model and how to work with it in the
        # [API Design Guide](https://cloud.google.com/apis/design/errors).
      "message": "A String", # A developer-facing error message, which should be in English. Any
          # user-facing error message should be localized and sent in the
          # google.rpc.Status.details field, or localized by the client.
      "code": 42, # The status code, which should be an enum value of google.rpc.Code.
      "details": [ # A list of messages that carry the error details.  There is a common set of
          # message types for APIs to use.
        {
          "a_key": "", # Properties of the object. Contains field @type with type URL.
        },
      ],
    },
    "done": True or False, # If the value is `false`, it means the operation is still in progress.
        # If `true`, the operation is completed, and either `error` or `response` is
        # available.
    "response": { # The normal response of the operation in case of success.  If the original
        # method returns no data on success, such as `Delete`, the response is
        # `google.protobuf.Empty`.  If the original method is standard
        # `Get`/`Create`/`Update`, the response should be the resource.  For other
        # methods, the response should have the type `XxxResponse`, where `Xxx`
        # is the original method name.  For example, if the original method name
        # is `TakeSnapshot()`, the inferred response type is
        # `TakeSnapshotResponse`.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "name": "A String", # The server-assigned name, which is only unique within the same service that
        # originally returns it. If you use the default HTTP mapping, the
        # `name` should be a resource name ending with `operations/{unique_id}`.
  }</pre>
</div>

<div class="method">
    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
  <pre>Delete an Service Perimeter by resource
name. The longrunning operation from this RPC will have a successful status
once the Service Perimeter has been
removed from long-lasting storage.

Args:
  name: string, Required. Resource name for the Service Perimeter.

Format:
`accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}` (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a
      # network API call.
    "metadata": { # Service-specific metadata associated with the operation.  It typically
        # contains progress information and common metadata such as create time.
        # Some services might not provide such metadata.  Any method that returns a
        # long-running operation should document the metadata type, if any.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
        # different programming environments, including REST APIs and RPC APIs. It is
        # used by [gRPC](https://github.com/grpc). Each `Status` message contains
        # three pieces of data: error code, error message, and error details.
        #
        # You can find out more about this error model and how to work with it in the
        # [API Design Guide](https://cloud.google.com/apis/design/errors).
      "message": "A String", # A developer-facing error message, which should be in English. Any
          # user-facing error message should be localized and sent in the
          # google.rpc.Status.details field, or localized by the client.
      "code": 42, # The status code, which should be an enum value of google.rpc.Code.
      "details": [ # A list of messages that carry the error details.  There is a common set of
          # message types for APIs to use.
        {
          "a_key": "", # Properties of the object. Contains field @type with type URL.
        },
      ],
    },
    "done": True or False, # If the value is `false`, it means the operation is still in progress.
        # If `true`, the operation is completed, and either `error` or `response` is
        # available.
    "response": { # The normal response of the operation in case of success.  If the original
        # method returns no data on success, such as `Delete`, the response is
        # `google.protobuf.Empty`.  If the original method is standard
        # `Get`/`Create`/`Update`, the response should be the resource.  For other
        # methods, the response should have the type `XxxResponse`, where `Xxx`
        # is the original method name.  For example, if the original method name
        # is `TakeSnapshot()`, the inferred response type is
        # `TakeSnapshotResponse`.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "name": "A String", # The server-assigned name, which is only unique within the same service that
        # originally returns it. If you use the default HTTP mapping, the
        # `name` should be a resource name ending with `operations/{unique_id}`.
  }</pre>
</div>

<div class="method">
    <code class="details" id="get">get(name, x__xgafv=None)</code>
  <pre>Get an Service Perimeter by resource
name.

Args:
  name: string, Required. Resource name for the Service Perimeter.

Format:
`accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}` (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # `ServicePerimeter` describes a set of GCP resources which can freely import
        # and export data amongst themselves, but not export outside of the
        # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
        # has a target outside of the `ServicePerimeter`, the request will be blocked.
        # Otherwise the request is allowed. There are two types of Service Perimeter -
        # Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
        # project can only belong to a single regular Service Perimeter. Service
        # Perimeter Bridges can contain only GCP projects as members, a single GCP
        # project may belong to multiple Service Perimeter Bridges.
      "status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
          # restricted services and access levels that determine perimeter
          # content and boundaries.
          # specific Service Perimeter configuration.
        "restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. For
            # example, if `storage.googleapis.com` is specified, access to the storage
            # buckets inside the perimeter must meet the perimeter's access restrictions.
          "A String",
        ],
        "resources": [ # A list of GCP resources that are inside of the service perimeter.
            # Currently only projects are allowed. Format: `projects/{project_number}`
          "A String",
        ],
        "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
            # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
            # must be in the same policy as this `ServicePerimeter`. Referencing a
            # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
            # listed, resources within the perimeter can only be accessed via GCP calls
            # with request origins within the perimeter. Example:
            # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
            # For Service Perimeter Bridge, must be empty.
          "A String",
        ],
      },
      "updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
      "name": "A String", # Required. Resource name for the ServicePerimeter.  The `short_name`
          # component must begin with a letter and only include alphanumeric and '_'.
          # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
      "title": "A String", # Human readable title. Must be unique within the Policy.
      "perimeterType": "A String", # Perimeter type indicator. A single project is
          # allowed to be a member of single regular perimeter, but multiple service
          # perimeter bridges. A project cannot be a included in a perimeter bridge
          # without being included in regular perimeter. For perimeter bridges,
          # the restricted service list as well as access level lists must be
          # empty.
      "createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
      "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
          # behavior.
    }</pre>
</div>

<div class="method">
    <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None)</code>
  <pre>List all Service Perimeters for an
access policy.

Args:
  parent: string, Required. Resource name for the access policy to list Service Perimeters from.

Format:
`accessPolicies/{policy_id}` (required)
  pageToken: string, Next page token for the next batch of Service Perimeter instances.
Defaults to the first page of results.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format
  pageSize: integer, Number of Service Perimeters to include
in the list. Default 100.

Returns:
  An object of the form:

    { # A response to `ListServicePerimetersRequest`.
    "nextPageToken": "A String", # The pagination token to retrieve the next page of results. If the value is
        # empty, no further results remain.
    "servicePerimeters": [ # List of the Service Perimeter instances.
      { # `ServicePerimeter` describes a set of GCP resources which can freely import
            # and export data amongst themselves, but not export outside of the
            # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
            # has a target outside of the `ServicePerimeter`, the request will be blocked.
            # Otherwise the request is allowed. There are two types of Service Perimeter -
            # Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
            # project can only belong to a single regular Service Perimeter. Service
            # Perimeter Bridges can contain only GCP projects as members, a single GCP
            # project may belong to multiple Service Perimeter Bridges.
          "status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
              # restricted services and access levels that determine perimeter
              # content and boundaries.
              # specific Service Perimeter configuration.
            "restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. For
                # example, if `storage.googleapis.com` is specified, access to the storage
                # buckets inside the perimeter must meet the perimeter's access restrictions.
              "A String",
            ],
            "resources": [ # A list of GCP resources that are inside of the service perimeter.
                # Currently only projects are allowed. Format: `projects/{project_number}`
              "A String",
            ],
            "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
                # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
                # must be in the same policy as this `ServicePerimeter`. Referencing a
                # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
                # listed, resources within the perimeter can only be accessed via GCP calls
                # with request origins within the perimeter. Example:
                # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
                # For Service Perimeter Bridge, must be empty.
              "A String",
            ],
          },
          "updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
          "name": "A String", # Required. Resource name for the ServicePerimeter.  The `short_name`
              # component must begin with a letter and only include alphanumeric and '_'.
              # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
          "title": "A String", # Human readable title. Must be unique within the Policy.
          "perimeterType": "A String", # Perimeter type indicator. A single project is
              # allowed to be a member of single regular perimeter, but multiple service
              # perimeter bridges. A project cannot be a included in a perimeter bridge
              # without being included in regular perimeter. For perimeter bridges,
              # the restricted service list as well as access level lists must be
              # empty.
          "createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
          "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
              # behavior.
        },
    ],
  }</pre>
</div>

<div class="method">
    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
  <pre>Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call 'execute()' on to request the next
  page. Returns None if there are no more items in the collection.
    </pre>
</div>

<div class="method">
    <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
  <pre>Update an Service Perimeter. The
longrunning operation from this RPC will have a successful status once the
changes to the Service Perimeter have
propagated to long-lasting storage. Service Perimeter containing
errors will result in an error response for the first error encountered.

Args:
  name: string, Required. Resource name for the ServicePerimeter.  The `short_name`
component must begin with a letter and only include alphanumeric and '_'.
Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}` (required)
  body: object, The request body. (required)
    The object takes the form of:

{ # `ServicePerimeter` describes a set of GCP resources which can freely import
      # and export data amongst themselves, but not export outside of the
      # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
      # has a target outside of the `ServicePerimeter`, the request will be blocked.
      # Otherwise the request is allowed. There are two types of Service Perimeter -
      # Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
      # project can only belong to a single regular Service Perimeter. Service
      # Perimeter Bridges can contain only GCP projects as members, a single GCP
      # project may belong to multiple Service Perimeter Bridges.
    "status": { # `ServicePerimeterConfig` specifies a set of GCP resources that describe # Current ServicePerimeter configuration. Specifies sets of resources,
        # restricted services and access levels that determine perimeter
        # content and boundaries.
        # specific Service Perimeter configuration.
      "restrictedServices": [ # GCP services that are subject to the Service Perimeter restrictions. For
          # example, if `storage.googleapis.com` is specified, access to the storage
          # buckets inside the perimeter must meet the perimeter's access restrictions.
        "A String",
      ],
      "resources": [ # A list of GCP resources that are inside of the service perimeter.
          # Currently only projects are allowed. Format: `projects/{project_number}`
        "A String",
      ],
      "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
          # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
          # must be in the same policy as this `ServicePerimeter`. Referencing a
          # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
          # listed, resources within the perimeter can only be accessed via GCP calls
          # with request origins within the perimeter. Example:
          # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
          # For Service Perimeter Bridge, must be empty.
        "A String",
      ],
    },
    "updateTime": "A String", # Output only. Time the `ServicePerimeter` was updated in UTC.
    "name": "A String", # Required. Resource name for the ServicePerimeter.  The `short_name`
        # component must begin with a letter and only include alphanumeric and '_'.
        # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
    "title": "A String", # Human readable title. Must be unique within the Policy.
    "perimeterType": "A String", # Perimeter type indicator. A single project is
        # allowed to be a member of single regular perimeter, but multiple service
        # perimeter bridges. A project cannot be a included in a perimeter bridge
        # without being included in regular perimeter. For perimeter bridges,
        # the restricted service list as well as access level lists must be
        # empty.
    "createTime": "A String", # Output only. Time the `ServicePerimeter` was created in UTC.
    "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
        # behavior.
  }

  updateMask: string, Required. Mask to control which fields get updated. Must be non-empty.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a
      # network API call.
    "metadata": { # Service-specific metadata associated with the operation.  It typically
        # contains progress information and common metadata such as create time.
        # Some services might not provide such metadata.  Any method that returns a
        # long-running operation should document the metadata type, if any.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
        # different programming environments, including REST APIs and RPC APIs. It is
        # used by [gRPC](https://github.com/grpc). Each `Status` message contains
        # three pieces of data: error code, error message, and error details.
        #
        # You can find out more about this error model and how to work with it in the
        # [API Design Guide](https://cloud.google.com/apis/design/errors).
      "message": "A String", # A developer-facing error message, which should be in English. Any
          # user-facing error message should be localized and sent in the
          # google.rpc.Status.details field, or localized by the client.
      "code": 42, # The status code, which should be an enum value of google.rpc.Code.
      "details": [ # A list of messages that carry the error details.  There is a common set of
          # message types for APIs to use.
        {
          "a_key": "", # Properties of the object. Contains field @type with type URL.
        },
      ],
    },
    "done": True or False, # If the value is `false`, it means the operation is still in progress.
        # If `true`, the operation is completed, and either `error` or `response` is
        # available.
    "response": { # The normal response of the operation in case of success.  If the original
        # method returns no data on success, such as `Delete`, the response is
        # `google.protobuf.Empty`.  If the original method is standard
        # `Get`/`Create`/`Update`, the response should be the resource.  For other
        # methods, the response should have the type `XxxResponse`, where `Xxx`
        # is the original method name.  For example, if the original method name
        # is `TakeSnapshot()`, the inferred response type is
        # `TakeSnapshotResponse`.
      "a_key": "", # Properties of the object. Contains field @type with type URL.
    },
    "name": "A String", # The server-assigned name, which is only unique within the same service that
        # originally returns it. If you use the default HTTP mapping, the
        # `name` should be a resource name ending with `operations/{unique_id}`.
  }</pre>
</div>

</body></html>