EgressFrom
import type { EgressFrom } from "https://googleapis.deno.dev/v1/accesscontextmanager:v1.ts";
Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.
§Properties
A list of identities that are allowed access through [EgressPolicy].
Identities can be an individual user, service account, Google group, or
third-party identity. The v1
identities that have the prefix user
,
group
, serviceAccount
, principal
, and principalSet
in
https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported.
Specifies the type of identities that are allowed access to outside the
perimeter. If left unspecified, then members of identities
field will be
allowed access.
Whether to enforce traffic restrictions based on sources
field. If the
sources
fields is non-empty, then this field must be set to
SOURCE_RESTRICTION_ENABLED
.
Sources that this EgressPolicy authorizes access from. If this field is
not empty, then source_restriction
must be set to
SOURCE_RESTRICTION_ENABLED
.