Google Cloud Compute V1 API - Class Google::Cloud::Compute::V1::SecuritySettings (v3.5.0)

Reference documentation and code samples for the Google Cloud Compute V1 API class Google::Cloud::Compute::V1::SecuritySettings.

The authentication and authorization settings for a BackendService.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#aws_v4_authentication

def aws_v4_authentication() -> ::Google::Cloud::Compute::V1::AWSV4Signature
Returns
  • (::Google::Cloud::Compute::V1::AWSV4Signature) — The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

#aws_v4_authentication=

def aws_v4_authentication=(value) -> ::Google::Cloud::Compute::V1::AWSV4Signature
Parameter
  • value (::Google::Cloud::Compute::V1::AWSV4Signature) — The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.
Returns
  • (::Google::Cloud::Compute::V1::AWSV4Signature) — The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends.

#client_tls_policy

def client_tls_policy() -> ::String
Returns
  • (::String) — Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.

    clientTlsPolicy only applies to a globalBackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.

    If left blank, communications are not encrypted.

#client_tls_policy=

def client_tls_policy=(value) -> ::String
Parameter
  • value (::String) — Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.

    clientTlsPolicy only applies to a globalBackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.

    If left blank, communications are not encrypted.

Returns
  • (::String) — Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.

    clientTlsPolicy only applies to a globalBackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.

    If left blank, communications are not encrypted.

#subject_alt_names

def subject_alt_names() -> ::Array<::String>
Returns
  • (::Array<::String>) — Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for thisBackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate'ssubjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.

    Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.

    Only applies to a global BackendService withloadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attachedclientTlsPolicy with clientCertificate (mTLS mode).

#subject_alt_names=

def subject_alt_names=(value) -> ::Array<::String>
Parameter
  • value (::Array<::String>) — Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for thisBackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate'ssubjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.

    Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.

    Only applies to a global BackendService withloadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attachedclientTlsPolicy with clientCertificate (mTLS mode).

Returns
  • (::Array<::String>) — Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for thisBackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate'ssubjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.

    Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.

    Only applies to a global BackendService withloadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attachedclientTlsPolicy with clientCertificate (mTLS mode).