Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.accesscontextmanager/v1beta.getServicePerimeter
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Get a Service Perimeter by resource name.
Using getServicePerimeter
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getServicePerimeter(args: GetServicePerimeterArgs, opts?: InvokeOptions): Promise<GetServicePerimeterResult>
function getServicePerimeterOutput(args: GetServicePerimeterOutputArgs, opts?: InvokeOptions): Output<GetServicePerimeterResult>
def get_service_perimeter(access_policy_id: Optional[str] = None,
service_perimeter_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetServicePerimeterResult
def get_service_perimeter_output(access_policy_id: Optional[pulumi.Input[str]] = None,
service_perimeter_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetServicePerimeterResult]
func LookupServicePerimeter(ctx *Context, args *LookupServicePerimeterArgs, opts ...InvokeOption) (*LookupServicePerimeterResult, error)
func LookupServicePerimeterOutput(ctx *Context, args *LookupServicePerimeterOutputArgs, opts ...InvokeOption) LookupServicePerimeterResultOutput
> Note: This function is named LookupServicePerimeter
in the Go SDK.
public static class GetServicePerimeter
{
public static Task<GetServicePerimeterResult> InvokeAsync(GetServicePerimeterArgs args, InvokeOptions? opts = null)
public static Output<GetServicePerimeterResult> Invoke(GetServicePerimeterInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetServicePerimeterResult> getServicePerimeter(GetServicePerimeterArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: google-native:accesscontextmanager/v1beta:getServicePerimeter
arguments:
# arguments dictionary
The following arguments are supported:
- Access
Policy stringId - Service
Perimeter stringId
- Access
Policy stringId - Service
Perimeter stringId
- access
Policy StringId - service
Perimeter StringId
- access
Policy stringId - service
Perimeter stringId
- access
Policy StringId - service
Perimeter StringId
getServicePerimeter Result
The following output properties are available:
- Description string
Description of the
ServicePerimeter
and its use. Does not affect behavior.- Name string
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- Perimeter
Type string Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- Status
Pulumi.
Google Native. Access Context Manager. V1Beta. Outputs. Service Perimeter Config Response Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- Title string
Human readable title. Must be unique within the Policy.
- Description string
Description of the
ServicePerimeter
and its use. Does not affect behavior.- Name string
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- Perimeter
Type string Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- Status
Service
Perimeter Config Response Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- Title string
Human readable title. Must be unique within the Policy.
- description String
Description of the
ServicePerimeter
and its use. Does not affect behavior.- name String
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- perimeter
Type String Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- status
Service
Perimeter Config Response Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- title String
Human readable title. Must be unique within the Policy.
- description string
Description of the
ServicePerimeter
and its use. Does not affect behavior.- name string
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- perimeter
Type string Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- status
Service
Perimeter Config Response Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- title string
Human readable title. Must be unique within the Policy.
- description str
Description of the
ServicePerimeter
and its use. Does not affect behavior.- name str
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- perimeter_
type str Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- status
Service
Perimeter Config Response Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- title str
Human readable title. Must be unique within the Policy.
- description String
Description of the
ServicePerimeter
and its use. Does not affect behavior.- name String
Resource name for the
ServicePerimeter
. Format:accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}
. Theservice_perimeter
component must begin with a letter, followed by alphanumeric characters or_
. After you create aServicePerimeter
, you cannot change itsname
.- perimeter
Type String Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
- status Property Map
Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
- title String
Human readable title. Must be unique within the Policy.
Supporting Types
ServicePerimeterConfigResponse
- Access
Levels List<string> A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- Resources List<string>
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- Restricted
Services List<string> Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- Unrestricted
Services List<string> Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- Vpc
Accessible Pulumi.Services Google Native. Access Context Manager. V1Beta. Inputs. Vpc Accessible Services Response Beta. Configuration for APIs allowed within Perimeter.
- Access
Levels []string A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- Resources []string
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- Restricted
Services []string Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- Unrestricted
Services []string Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- Vpc
Accessible VpcServices Accessible Services Response Beta. Configuration for APIs allowed within Perimeter.
- access
Levels List<String> A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- resources List<String>
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- restricted
Services List<String> Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- unrestricted
Services List<String> Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- vpc
Accessible VpcServices Accessible Services Response Beta. Configuration for APIs allowed within Perimeter.
- access
Levels string[] A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- resources string[]
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- restricted
Services string[] Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- unrestricted
Services string[] Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- vpc
Accessible VpcServices Accessible Services Response Beta. Configuration for APIs allowed within Perimeter.
- access_
levels Sequence[str] A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- resources Sequence[str]
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- restricted_
services Sequence[str] Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- unrestricted_
services Sequence[str] Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- vpc_
accessible_ Vpcservices Accessible Services Response Beta. Configuration for APIs allowed within Perimeter.
- access
Levels List<String> A list of
AccessLevel
resource names that allow resources within theServicePerimeter
to be accessed from the internet.AccessLevels
listed must be in the same policy as thisServicePerimeter
. Referencing a nonexistentAccessLevel
is a syntax error. If noAccessLevel
names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example:"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"
. For Service Perimeter Bridge, must be empty.- resources List<String>
A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format:
projects/{project_number}
- restricted
Services List<String> Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if
storage.googleapis.com
is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.- unrestricted
Services List<String> Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
- vpc
Accessible Property MapServices Beta. Configuration for APIs allowed within Perimeter.
VpcAccessibleServicesResponse
- Allowed
Services List<string> The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- Enable
Restriction bool Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
- Allowed
Services []string The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- Enable
Restriction bool Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
- allowed
Services List<String> The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- enable
Restriction Boolean Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
- allowed
Services string[] The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- enable
Restriction boolean Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
- allowed_
services Sequence[str] The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- enable_
restriction bool Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
- allowed
Services List<String> The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
- enable
Restriction Boolean Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.