Struct google_api_proto::google::cloud::compute::v1::SecurityPolicyRule

source · 
pub struct SecurityPolicyRule {
    pub action: Option<String>,
    pub description: Option<String>,
    pub header_action: Option<SecurityPolicyRuleHttpHeaderAction>,
    pub kind: Option<String>,
    pub match: Option<SecurityPolicyRuleMatcher>,
    pub network_match: Option<SecurityPolicyRuleNetworkMatcher>,
    pub preconfigured_waf_config: Option<SecurityPolicyRulePreconfiguredWafConfig>,
    pub preview: Option<bool>,
    pub priority: Option<i32>,
    pub rate_limit_options: Option<SecurityPolicyRuleRateLimitOptions>,
    pub redirect_options: Option<SecurityPolicyRuleRedirectOptions>,
}
Expand description

Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).

Fields§

§action: Option<String>

The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this.

§description: Option<String>

An optional description of this resource. Provide this property when you create the resource.

§header_action: Option<SecurityPolicyRuleHttpHeaderAction>

Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR.

§kind: Option<String>

[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules

§match: Option<SecurityPolicyRuleMatcher>

A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding ‘action’ is enforced.

§network_match: Option<SecurityPolicyRuleNetworkMatcher>

A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding ‘action’ is enforced. The match criteria for a rule consists of built-in match fields (like ‘srcIpRanges’) and potentially multiple user-defined match fields (‘userDefinedFields’). Field values may be extracted directly from the packet or derived from it (e.g. ‘srcRegionCodes’). Some fields may not be present in every packet (e.g. ‘srcPorts’). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it’s not required to be present. For strings specifying ‘*’ is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - “192.0.2.0/24” - “198.51.100.0/24” userDefinedFields: - name: “ipv4_fragment_offset” values: - “1-0x1fff” The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named “ipv4_fragment_offset” with a value between 1 and 0x1fff inclusive.

§preconfigured_waf_config: Option<SecurityPolicyRulePreconfiguredWafConfig>

Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.

§preview: Option<bool>

If set to true, the specified action is not enforced.

§priority: Option<i32>

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.

§rate_limit_options: Option<SecurityPolicyRuleRateLimitOptions>

Must be specified if the action is “rate_based_ban” or “throttle”. Cannot be specified for any other actions.

§redirect_options: Option<SecurityPolicyRuleRedirectOptions>

Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR.

Implementations§

source§

impl SecurityPolicyRule

source

pub fn kind(&self) -> &str

Returns the value of kind, or the default value if kind is unset.

source

pub fn action(&self) -> &str

Returns the value of action, or the default value if action is unset.

source

pub fn preview(&self) -> bool

Returns the value of preview, or the default value if preview is unset.

source

pub fn description(&self) -> &str

Returns the value of description, or the default value if description is unset.

source

pub fn priority(&self) -> i32

Returns the value of priority, or the default value if priority is unset.

Trait Implementations§

source§

impl Clone for SecurityPolicyRule

source§

fn clone(&self) -> SecurityPolicyRule

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for SecurityPolicyRule

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Default for SecurityPolicyRule

source§

fn default() -> Self

Returns the “default value” for a type. Read more
source§

impl Message for SecurityPolicyRule

source§

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.
source§

fn clear(&mut self)

Clears the message, resetting all fields to their default.
source§

fn encode<B>(&self, buf: &mut B) -> Result<(), EncodeError>
where B: BufMut, Self: Sized,

Encodes the message to a buffer. Read more
source§

fn encode_to_vec(&self) -> Vec<u8>
where Self: Sized,

Encodes the message to a newly allocated buffer.
source§

fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError>
where B: BufMut, Self: Sized,

Encodes the message with a length-delimiter to a buffer. Read more
source§

fn encode_length_delimited_to_vec(&self) -> Vec<u8>
where Self: Sized,

Encodes the message with a length-delimiter to a newly allocated buffer.
source§

fn decode<B>(buf: B) -> Result<Self, DecodeError>
where B: Buf, Self: Default,

Decodes an instance of the message from a buffer. Read more
source§

fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError>
where B: Buf, Self: Default,

Decodes a length-delimited instance of the message from the buffer.
source§

fn merge<B>(&mut self, buf: B) -> Result<(), DecodeError>
where B: Buf, Self: Sized,

Decodes an instance of the message from a buffer, and merges it into self. Read more
source§

fn merge_length_delimited<B>(&mut self, buf: B) -> Result<(), DecodeError>
where B: Buf, Self: Sized,

Decodes a length-delimited instance of the message from buffer, and merges it into self.
source§

impl PartialEq for SecurityPolicyRule

source§

fn eq(&self, other: &SecurityPolicyRule) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl StructuralPartialEq for SecurityPolicyRule

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoRequest<T> for T

source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more