lib/google_api/cloud_asset/v1/model/google_identity_accesscontextmanager_v1_service_perimeter_config.ex

# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig do
  @moduledoc """
  `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

  ## Attributes

  *   `accessLevels` (*type:* `list(String.t)`, *default:* `nil`) - A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
  *   `egressPolicies` (*type:* `list(GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1EgressPolicy.t)`, *default:* `nil`) - List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.
  *   `ingressPolicies` (*type:* `list(GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1IngressPolicy.t)`, *default:* `nil`) - List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.
  *   `resources` (*type:* `list(String.t)`, *default:* `nil`) - A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
  *   `restrictedServices` (*type:* `list(String.t)`, *default:* `nil`) - Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
  *   `vpcAccessibleServices` (*type:* `GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices.t`, *default:* `nil`) - Configuration for APIs allowed within Perimeter.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :accessLevels => list(String.t()) | nil,
          :egressPolicies =>
            list(
              GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1EgressPolicy.t()
            )
            | nil,
          :ingressPolicies =>
            list(
              GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1IngressPolicy.t()
            )
            | nil,
          :resources => list(String.t()) | nil,
          :restrictedServices => list(String.t()) | nil,
          :vpcAccessibleServices =>
            GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices.t()
            | nil
        }

  field(:accessLevels, type: :list)

  field(:egressPolicies,
    as: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1EgressPolicy,
    type: :list
  )

  field(:ingressPolicies,
    as: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1IngressPolicy,
    type: :list
  )

  field(:resources, type: :list)
  field(:restrictedServices, type: :list)

  field(:vpcAccessibleServices,
    as: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices
  )
end

defimpl Poison.Decoder,
  for: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig do
  def decode(value, options) do
    GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig.decode(
      value,
      options
    )
  end
end

defimpl Poison.Encoder,
  for: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end