Network Services V1 API - Class Google::Cloud::NetworkServices::V1::AuthzExtension (v2.3.0)

Reference documentation and code samples for the Network Services V1 API class Google::Cloud::NetworkServices::V1::AuthzExtension.

AuthzExtension is a resource that allows traffic forwarding to a callout backend service to make an authorization decision.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#authority

def authority() -> ::String
Returns
  • (::String) — Required. The :authority header in the gRPC request sent from Envoy to the extension service.

#authority=

def authority=(value) -> ::String
Parameter
  • value (::String) — Required. The :authority header in the gRPC request sent from Envoy to the extension service.
Returns
  • (::String) — Required. The :authority header in the gRPC request sent from Envoy to the extension service.

#create_time

def create_time() -> ::Google::Protobuf::Timestamp
Returns

#description

def description() -> ::String
Returns
  • (::String) — Optional. A human-readable description of the resource.

#description=

def description=(value) -> ::String
Parameter
  • value (::String) — Optional. A human-readable description of the resource.
Returns
  • (::String) — Optional. A human-readable description of the resource.

#fail_open

def fail_open() -> ::Boolean
Returns
  • (::Boolean) —

    Optional. Determines how the proxy behaves if the call to the extension fails or times out.

    When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE or the default setting of FALSE is used, one of the following happens:

    • If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.

    • If response headers have been delivered, then the HTTP stream to the downstream client is reset.

#fail_open=

def fail_open=(value) -> ::Boolean
Parameter
  • value (::Boolean) —

    Optional. Determines how the proxy behaves if the call to the extension fails or times out.

    When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE or the default setting of FALSE is used, one of the following happens:

    • If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.

    • If response headers have been delivered, then the HTTP stream to the downstream client is reset.

Returns
  • (::Boolean) —

    Optional. Determines how the proxy behaves if the call to the extension fails or times out.

    When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE or the default setting of FALSE is used, one of the following happens:

    • If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.

    • If response headers have been delivered, then the HTTP stream to the downstream client is reset.

#forward_headers

def forward_headers() -> ::Array<::String>
Returns
  • (::Array<::String>) — Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent. Each element is a string indicating the header name.

#forward_headers=

def forward_headers=(value) -> ::Array<::String>
Parameter
  • value (::Array<::String>) — Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent. Each element is a string indicating the header name.
Returns
  • (::Array<::String>) — Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent. Each element is a string indicating the header name.

#labels

def labels() -> ::Google::Protobuf::Map{::String => ::String}
Returns
  • (::Google::Protobuf::Map{::String => ::String}) — Optional. Set of labels associated with the AuthzExtension resource.

    The format must comply with the requirements for labels for Google Cloud resources.

#labels=

def labels=(value) -> ::Google::Protobuf::Map{::String => ::String}
Parameter
  • value (::Google::Protobuf::Map{::String => ::String}) — Optional. Set of labels associated with the AuthzExtension resource.

    The format must comply with the requirements for labels for Google Cloud resources.

Returns
  • (::Google::Protobuf::Map{::String => ::String}) — Optional. Set of labels associated with the AuthzExtension resource.

    The format must comply with the requirements for labels for Google Cloud resources.

#load_balancing_scheme

def load_balancing_scheme() -> ::Google::Cloud::NetworkServices::V1::LoadBalancingScheme
Returns

#load_balancing_scheme=

def load_balancing_scheme=(value) -> ::Google::Cloud::NetworkServices::V1::LoadBalancingScheme
Parameter
Returns

#metadata

def metadata() -> ::Google::Protobuf::Struct
Returns
  • (::Google::Protobuf::Struct) — Optional. The metadata provided here is included as part of the metadata_context (of type google.protobuf.Struct) in the ProcessingRequest message sent to the extension server. The metadata is available under the namespace com.google.authz_extension.<resource_name>. The following variables are supported in the metadata Struct:

    {forwarding_rule_id} - substituted with the forwarding rule's fully qualified resource name.

#metadata=

def metadata=(value) -> ::Google::Protobuf::Struct
Parameter
  • value (::Google::Protobuf::Struct) — Optional. The metadata provided here is included as part of the metadata_context (of type google.protobuf.Struct) in the ProcessingRequest message sent to the extension server. The metadata is available under the namespace com.google.authz_extension.<resource_name>. The following variables are supported in the metadata Struct:

    {forwarding_rule_id} - substituted with the forwarding rule's fully qualified resource name.

Returns
  • (::Google::Protobuf::Struct) — Optional. The metadata provided here is included as part of the metadata_context (of type google.protobuf.Struct) in the ProcessingRequest message sent to the extension server. The metadata is available under the namespace com.google.authz_extension.<resource_name>. The following variables are supported in the metadata Struct:

    {forwarding_rule_id} - substituted with the forwarding rule's fully qualified resource name.

#name

def name() -> ::String
Returns
  • (::String) — Required. Identifier. Name of the AuthzExtension resource in the following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}.

#name=

def name=(value) -> ::String
Parameter
  • value (::String) — Required. Identifier. Name of the AuthzExtension resource in the following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}.
Returns
  • (::String) — Required. Identifier. Name of the AuthzExtension resource in the following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}.

#service

def service() -> ::String
Returns
  • (::String) — Required. The reference to the service that runs the extension.

    To configure a callout extension, service must be a fully-qualified reference to a backend service in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService} or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}.

#service=

def service=(value) -> ::String
Parameter
  • value (::String) — Required. The reference to the service that runs the extension.

    To configure a callout extension, service must be a fully-qualified reference to a backend service in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService} or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}.

Returns
  • (::String) — Required. The reference to the service that runs the extension.

    To configure a callout extension, service must be a fully-qualified reference to a backend service in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService} or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}.

#timeout

def timeout() -> ::Google::Protobuf::Duration
Returns
  • (::Google::Protobuf::Duration) — Required. Specifies the timeout for each individual message on the stream. The timeout must be between 10-10000 milliseconds.

#timeout=

def timeout=(value) -> ::Google::Protobuf::Duration
Parameter
  • value (::Google::Protobuf::Duration) — Required. Specifies the timeout for each individual message on the stream. The timeout must be between 10-10000 milliseconds.
Returns
  • (::Google::Protobuf::Duration) — Required. Specifies the timeout for each individual message on the stream. The timeout must be between 10-10000 milliseconds.

#update_time

def update_time() -> ::Google::Protobuf::Timestamp
Returns

#wire_format

def wire_format() -> ::Google::Cloud::NetworkServices::V1::WireFormat
Returns

#wire_format=

def wire_format=(value) -> ::Google::Cloud::NetworkServices::V1::WireFormat
Parameter
Returns