blob: 8ae534db46e3468a2b1e4719602931cae8790773 [file] [log] [blame]
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="accesscontextmanager_v1beta.html">Access Context Manager API</a> . <a href="accesscontextmanager_v1beta.accessPolicies.html">accessPolicies</a> . <a href="accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html">servicePerimeters</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070078 <code><a href="#close">close()</a></code></p>
79<p class="firstline">Close httplib2 connections.</p>
80<p class="toc_element">
Dan O'Mearadd494642020-05-01 07:42:23 -070081 <code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070082<p class="firstline">Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.</p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070083<p class="toc_element">
84 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070085<p class="firstline">Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.</p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070086<p class="toc_element">
87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070088<p class="firstline">Get a Service Perimeter by resource name.</p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070089<p class="toc_element">
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -080090 <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070091<p class="firstline">List all Service Perimeters for an access policy.</p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070092<p class="toc_element">
93 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
94<p class="firstline">Retrieves the next page of results.</p>
95<p class="toc_element">
Dan O'Mearadd494642020-05-01 07:42:23 -070096 <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -070097<p class="firstline">Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.</p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070098<h3>Method Details</h3>
99<div class="method">
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700100 <code class="details" id="close">close()</code>
101 <pre>Close httplib2 connections.</pre>
102</div>
103
104<div class="method">
Dan O'Mearadd494642020-05-01 07:42:23 -0700105 <code class="details" id="create">create(parent, body=None, x__xgafv=None)</code>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700106 <pre>Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700107
108Args:
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700109 parent: string, Required. Resource name for the access policy which owns this Service Perimeter. Format: `accessPolicies/{policy_id}` (required)
Dan O'Mearadd494642020-05-01 07:42:23 -0700110 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700111 The object takes the form of:
112
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700113{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800114 &quot;description&quot;: &quot;A String&quot;, # Description of the `ServicePerimeter` and its use. Does not affect behavior.
115 &quot;name&quot;: &quot;A String&quot;, # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and &#x27;_&#x27;. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
116 &quot;perimeterType&quot;: &quot;A String&quot;, # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
117 &quot;status&quot;: { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
118 &quot;accessLevels&quot;: [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `&quot;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&quot;`. For Service Perimeter Bridge, must be empty.
119 &quot;A String&quot;,
120 ],
121 &quot;resources&quot;: [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
122 &quot;A String&quot;,
123 ],
124 &quot;restrictedServices&quot;: [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter&#x27;s access restrictions.
125 &quot;A String&quot;,
126 ],
127 &quot;unrestrictedServices&quot;: [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard &quot;*&quot;. The wildcard means that unless explicitly specified by &quot;restricted_services&quot; list, any service is treated as unrestricted.
128 &quot;A String&quot;,
129 ],
130 &quot;vpcAccessibleServices&quot;: { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
131 &quot;allowedServices&quot;: [ # The list of APIs usable within the Service Perimeter. Must be empty unless &#x27;enable_restriction&#x27; is True. You can specify a list of individual services, as well as include the &#x27;RESTRICTED-SERVICES&#x27; value, which automatically includes all of the services protected by the perimeter.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700132 &quot;A String&quot;,
133 ],
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800134 &quot;enableRestriction&quot;: True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in &#x27;allowed_services&#x27;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700135 },
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800136 },
137 &quot;title&quot;: &quot;A String&quot;, # Human readable title. Must be unique within the Policy.
138}
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700139
140 x__xgafv: string, V1 error format.
141 Allowed values
142 1 - v1 error format
143 2 - v2 error format
144
145Returns:
146 An object of the form:
147
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700148 { # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800149 &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
150 &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
151 &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
152 &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
153 {
154 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
155 },
156 ],
157 &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
158 },
159 &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
160 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
161 },
162 &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
163 &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
164 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
165 },
166}</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700167</div>
168
169<div class="method">
170 <code class="details" id="delete">delete(name, x__xgafv=None)</code>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700171 <pre>Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700172
173Args:
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700174 name: string, Required. Resource name for the Service Perimeter. Format: `accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}` (required)
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700175 x__xgafv: string, V1 error format.
176 Allowed values
177 1 - v1 error format
178 2 - v2 error format
179
180Returns:
181 An object of the form:
182
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700183 { # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800184 &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
185 &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
186 &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
187 &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
188 {
189 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
190 },
191 ],
192 &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
193 },
194 &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
195 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
196 },
197 &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
198 &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
199 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
200 },
201}</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700202</div>
203
204<div class="method">
205 <code class="details" id="get">get(name, x__xgafv=None)</code>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700206 <pre>Get a Service Perimeter by resource name.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700207
208Args:
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700209 name: string, Required. Resource name for the Service Perimeter. Format: `accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}` (required)
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700210 x__xgafv: string, V1 error format.
211 Allowed values
212 1 - v1 error format
213 2 - v2 error format
214
215Returns:
216 An object of the form:
217
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700218 { # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800219 &quot;description&quot;: &quot;A String&quot;, # Description of the `ServicePerimeter` and its use. Does not affect behavior.
220 &quot;name&quot;: &quot;A String&quot;, # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and &#x27;_&#x27;. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
221 &quot;perimeterType&quot;: &quot;A String&quot;, # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
222 &quot;status&quot;: { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
223 &quot;accessLevels&quot;: [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `&quot;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&quot;`. For Service Perimeter Bridge, must be empty.
224 &quot;A String&quot;,
225 ],
226 &quot;resources&quot;: [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
227 &quot;A String&quot;,
228 ],
229 &quot;restrictedServices&quot;: [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter&#x27;s access restrictions.
230 &quot;A String&quot;,
231 ],
232 &quot;unrestrictedServices&quot;: [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard &quot;*&quot;. The wildcard means that unless explicitly specified by &quot;restricted_services&quot; list, any service is treated as unrestricted.
233 &quot;A String&quot;,
234 ],
235 &quot;vpcAccessibleServices&quot;: { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
236 &quot;allowedServices&quot;: [ # The list of APIs usable within the Service Perimeter. Must be empty unless &#x27;enable_restriction&#x27; is True. You can specify a list of individual services, as well as include the &#x27;RESTRICTED-SERVICES&#x27; value, which automatically includes all of the services protected by the perimeter.
237 &quot;A String&quot;,
238 ],
239 &quot;enableRestriction&quot;: True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in &#x27;allowed_services&#x27;.
240 },
241 },
242 &quot;title&quot;: &quot;A String&quot;, # Human readable title. Must be unique within the Policy.
243}</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700244</div>
245
246<div class="method">
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800247 <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700248 <pre>List all Service Perimeters for an access policy.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700249
250Args:
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700251 parent: string, Required. Resource name for the access policy to list Service Perimeters from. Format: `accessPolicies/{policy_id}` (required)
Yoshi Automation Botb6971b02020-11-26 17:16:03 -0800252 pageSize: integer, Number of Service Perimeters to include in the list. Default 100.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800253 pageToken: string, Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700254 x__xgafv: string, V1 error format.
255 Allowed values
256 1 - v1 error format
257 2 - v2 error format
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700258
259Returns:
260 An object of the form:
261
262 { # A response to `ListServicePerimetersRequest`.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800263 &quot;nextPageToken&quot;: &quot;A String&quot;, # The pagination token to retrieve the next page of results. If the value is empty, no further results remain.
264 &quot;servicePerimeters&quot;: [ # List of the Service Perimeter instances.
265 { # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
266 &quot;description&quot;: &quot;A String&quot;, # Description of the `ServicePerimeter` and its use. Does not affect behavior.
267 &quot;name&quot;: &quot;A String&quot;, # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and &#x27;_&#x27;. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
268 &quot;perimeterType&quot;: &quot;A String&quot;, # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
269 &quot;status&quot;: { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
270 &quot;accessLevels&quot;: [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `&quot;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&quot;`. For Service Perimeter Bridge, must be empty.
271 &quot;A String&quot;,
272 ],
273 &quot;resources&quot;: [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
274 &quot;A String&quot;,
275 ],
276 &quot;restrictedServices&quot;: [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter&#x27;s access restrictions.
277 &quot;A String&quot;,
278 ],
279 &quot;unrestrictedServices&quot;: [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard &quot;*&quot;. The wildcard means that unless explicitly specified by &quot;restricted_services&quot; list, any service is treated as unrestricted.
280 &quot;A String&quot;,
281 ],
282 &quot;vpcAccessibleServices&quot;: { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
283 &quot;allowedServices&quot;: [ # The list of APIs usable within the Service Perimeter. Must be empty unless &#x27;enable_restriction&#x27; is True. You can specify a list of individual services, as well as include the &#x27;RESTRICTED-SERVICES&#x27; value, which automatically includes all of the services protected by the perimeter.
284 &quot;A String&quot;,
285 ],
286 &quot;enableRestriction&quot;: True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in &#x27;allowed_services&#x27;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700287 },
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800288 },
289 &quot;title&quot;: &quot;A String&quot;, # Human readable title. Must be unique within the Policy.
290 },
291 ],
292}</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700293</div>
294
295<div class="method">
296 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
297 <pre>Retrieves the next page of results.
298
299Args:
300 previous_request: The request for the previous page. (required)
301 previous_response: The response from the request for the previous page. (required)
302
303Returns:
Bu Sun Kim65020912020-05-20 12:08:20 -0700304 A request object that you can call &#x27;execute()&#x27; on to request the next
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700305 page. Returns None if there are no more items in the collection.
306 </pre>
307</div>
308
309<div class="method">
Dan O'Mearadd494642020-05-01 07:42:23 -0700310 <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700311 <pre>Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700312
313Args:
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700314 name: string, Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and &#x27;_&#x27;. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}` (required)
Dan O'Mearadd494642020-05-01 07:42:23 -0700315 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700316 The object takes the form of:
317
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700318{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800319 &quot;description&quot;: &quot;A String&quot;, # Description of the `ServicePerimeter` and its use. Does not affect behavior.
320 &quot;name&quot;: &quot;A String&quot;, # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and &#x27;_&#x27;. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
321 &quot;perimeterType&quot;: &quot;A String&quot;, # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
322 &quot;status&quot;: { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
323 &quot;accessLevels&quot;: [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `&quot;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&quot;`. For Service Perimeter Bridge, must be empty.
324 &quot;A String&quot;,
325 ],
326 &quot;resources&quot;: [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
327 &quot;A String&quot;,
328 ],
329 &quot;restrictedServices&quot;: [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter&#x27;s access restrictions.
330 &quot;A String&quot;,
331 ],
332 &quot;unrestrictedServices&quot;: [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard &quot;*&quot;. The wildcard means that unless explicitly specified by &quot;restricted_services&quot; list, any service is treated as unrestricted.
333 &quot;A String&quot;,
334 ],
335 &quot;vpcAccessibleServices&quot;: { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
336 &quot;allowedServices&quot;: [ # The list of APIs usable within the Service Perimeter. Must be empty unless &#x27;enable_restriction&#x27; is True. You can specify a list of individual services, as well as include the &#x27;RESTRICTED-SERVICES&#x27; value, which automatically includes all of the services protected by the perimeter.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700337 &quot;A String&quot;,
338 ],
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800339 &quot;enableRestriction&quot;: True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in &#x27;allowed_services&#x27;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700340 },
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800341 },
342 &quot;title&quot;: &quot;A String&quot;, # Human readable title. Must be unique within the Policy.
343}
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700344
345 updateMask: string, Required. Mask to control which fields get updated. Must be non-empty.
346 x__xgafv: string, V1 error format.
347 Allowed values
348 1 - v1 error format
349 2 - v2 error format
350
351Returns:
352 An object of the form:
353
Dmitry Frenkel3e17f892020-10-06 16:46:05 -0700354 { # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Botcc94ec82021-01-15 07:10:04 -0800355 &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
356 &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
357 &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
358 &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
359 {
360 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
361 },
362 ],
363 &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
364 },
365 &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
366 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
367 },
368 &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
369 &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
370 &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
371 },
372}</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700373</div>
374
375</body></html>