Docs Packages
  1. Packages
  2. Google Cloud Native
  3. API Docs
  4. accesscontextmanager
  5. accesscontextmanager/v1beta
  6. getServicePerimeter

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
pulumi/pulumi-google-native

google-native.accesscontextmanager/v1beta.getServicePerimeter

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
pulumi/pulumi-google-native

    Get a Service Perimeter by resource name.

    Using getServicePerimeter

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getServicePerimeter(args: GetServicePerimeterArgs, opts?: InvokeOptions): Promise<GetServicePerimeterResult>
function getServicePerimeterOutput(args: GetServicePerimeterOutputArgs, opts?: InvokeOptions): Output<GetServicePerimeterResult>
    def get_service_perimeter(access_policy_id: Optional[str] = None,
                          service_perimeter_id: Optional[str] = None,
                          opts: Optional[InvokeOptions] = None) -> GetServicePerimeterResult
def get_service_perimeter_output(access_policy_id: Optional[pulumi.Input[str]] = None,
                          service_perimeter_id: Optional[pulumi.Input[str]] = None,
                          opts: Optional[InvokeOptions] = None) -> Output[GetServicePerimeterResult]
    func LookupServicePerimeter(ctx *Context, args *LookupServicePerimeterArgs, opts ...InvokeOption) (*LookupServicePerimeterResult, error)
func LookupServicePerimeterOutput(ctx *Context, args *LookupServicePerimeterOutputArgs, opts ...InvokeOption) LookupServicePerimeterResultOutput

    > Note: This function is named LookupServicePerimeter in the Go SDK.

    public static class GetServicePerimeter 
{
    public static Task<GetServicePerimeterResult> InvokeAsync(GetServicePerimeterArgs args, InvokeOptions? opts = null)
    public static Output<GetServicePerimeterResult> Invoke(GetServicePerimeterInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetServicePerimeterResult> getServicePerimeter(GetServicePerimeterArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

    fn::invoke:
  function: google-native:accesscontextmanager/v1beta:getServicePerimeter
  arguments:
    # arguments dictionary

    The following arguments are supported:

    getServicePerimeter Result

    The following output properties are available:

    Description string
    Description of the ServicePerimeter and its use. Does not affect behavior.
    Name string
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    PerimeterType string
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    Status Pulumi.GoogleNative.AccessContextManager.V1Beta.Outputs.ServicePerimeterConfigResponse
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    Title string
    Human readable title. Must be unique within the Policy.
    Description string
    Description of the ServicePerimeter and its use. Does not affect behavior.
    Name string
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    PerimeterType string
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    Status ServicePerimeterConfigResponse
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    Title string
    Human readable title. Must be unique within the Policy.
    description String
    Description of the ServicePerimeter and its use. Does not affect behavior.
    name String
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    perimeterType String
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    status ServicePerimeterConfigResponse
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    title String
    Human readable title. Must be unique within the Policy.
    description string
    Description of the ServicePerimeter and its use. Does not affect behavior.
    name string
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    perimeterType string
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    status ServicePerimeterConfigResponse
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    title string
    Human readable title. Must be unique within the Policy.
    description str
    Description of the ServicePerimeter and its use. Does not affect behavior.
    name str
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    perimeter_type str
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    status ServicePerimeterConfigResponse
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    title str
    Human readable title. Must be unique within the Policy.
    description String
    Description of the ServicePerimeter and its use. Does not affect behavior.
    name String
    Resource name for the ServicePerimeter. Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}. The service_perimeter component must begin with a letter, followed by alphanumeric characters or _. After you create a ServicePerimeter, you cannot change its name.
    perimeterType String
    Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
    status Property Map
    Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
    title String
    Human readable title. Must be unique within the Policy.

    Supporting Types

    ServicePerimeterConfigResponse

    AccessLevels List<string>
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    Resources List<string>
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    RestrictedServices List<string>
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    UnrestrictedServices List<string>
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    VpcAccessibleServices Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.VpcAccessibleServicesResponse
    Beta. Configuration for APIs allowed within Perimeter.
    AccessLevels []string
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    Resources []string
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    RestrictedServices []string
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    UnrestrictedServices []string
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    VpcAccessibleServices VpcAccessibleServicesResponse
    Beta. Configuration for APIs allowed within Perimeter.
    accessLevels List<String>
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    resources List<String>
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    restrictedServices List<String>
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    unrestrictedServices List<String>
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    vpcAccessibleServices VpcAccessibleServicesResponse
    Beta. Configuration for APIs allowed within Perimeter.
    accessLevels string[]
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    resources string[]
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    restrictedServices string[]
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    unrestrictedServices string[]
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    vpcAccessibleServices VpcAccessibleServicesResponse
    Beta. Configuration for APIs allowed within Perimeter.
    access_levels Sequence[str]
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    resources Sequence[str]
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    restricted_services Sequence[str]
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    unrestricted_services Sequence[str]
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    vpc_accessible_services VpcAccessibleServicesResponse
    Beta. Configuration for APIs allowed within Perimeter.
    accessLevels List<String>
    A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service Perimeter Bridge, must be empty.
    resources List<String>
    A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}
    restrictedServices List<String>
    Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
    unrestrictedServices List<String>
    Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    Deprecated: Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.

    vpcAccessibleServices Property Map
    Beta. Configuration for APIs allowed within Perimeter.

    VpcAccessibleServicesResponse

    AllowedServices List<string>
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    EnableRestriction bool
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
    AllowedServices []string
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    EnableRestriction bool
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
    allowedServices List<String>
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    enableRestriction Boolean
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
    allowedServices string[]
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    enableRestriction boolean
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
    allowed_services Sequence[str]
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    enable_restriction bool
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
    allowedServices List<String>
    The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
    enableRestriction Boolean
    Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
    pulumi/pulumi-google-native