ingress_rules
Creates, updates, deletes, gets or lists an ingress_rules resource.
Overview
| Name | ingress_rules |
| Type | Resource |
| Id | google.appengine.ingress_rules |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
action | string | The action to take on matched requests. |
description | string | An optional string description of this rule. This field has a maximum length of 400 characters. |
priority | integer (int32) | |
sourceRange | string | IP address or range, defined using CIDR notation, of requests that this rule applies to. You can use the wildcard character "*" to match all IPs equivalent to "0/0" and "::/0" together. Examples: 192.168.1.1 or 192.168.0.0/16 or 2001:db8::/32 or 2001:0db8:0000:0042:0000:8a2e:0370:7334. Truncation will be silently performed on addresses which are not properly truncated. For example, 1.2.3.4/24 is accepted as the same address as 1.2.3.0/24. Similarly, for IPv6, 2001:db8::1/32 is accepted as the same address as 2001:db8::/32. |
Successful response
| Name | Datatype | Description |
|---|---|---|
action | string | The action to take on matched requests. |
description | string | An optional string description of this rule. This field has a maximum length of 400 characters. |
priority | integer (int32) | |
sourceRange | string | IP address or range, defined using CIDR notation, of requests that this rule applies to. You can use the wildcard character "*" to match all IPs equivalent to "0/0" and "::/0" together. Examples: 192.168.1.1 or 192.168.0.0/16 or 2001:db8::/32 or 2001:0db8:0000:0042:0000:8a2e:0370:7334. Truncation will be silently performed on addresses which are not properly truncated. For example, 1.2.3.4/24 is accepted as the same address as 1.2.3.0/24. Similarly, for IPv6, 2001:db8::1/32 is accepted as the same address as 2001:db8::/32. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | appsId, ingressRulesId | Gets the specified firewall rule. | |
list | select | appsId | pageSize, pageToken, matchingAddress | Lists the firewall rules of an application. |
create | insert | appsId | Creates a firewall rule for the application. | |
patch | update | appsId, ingressRulesId | updateMask | Updates the specified firewall rule. |
batch_update | update | appsId | Replaces the entire firewall ruleset in one bulk operation. This overrides and replaces the rules of an existing firewall with the new rules.If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list. | |
delete | delete | appsId, ingressRulesId | Deletes the specified firewall rule. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
appsId | string | |
ingressRulesId | string | |
matchingAddress | string | |
pageSize | integer (int32) | |
pageToken | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get
- list
Gets the specified firewall rule.
SELECT
action,
description,
priority,
sourceRange
FROM google.appengine.ingress_rules
WHERE appsId = '{{ appsId }}' -- required
AND ingressRulesId = '{{ ingressRulesId }}' -- required;
Lists the firewall rules of an application.
SELECT
action,
description,
priority,
sourceRange
FROM google.appengine.ingress_rules
WHERE appsId = '{{ appsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND matchingAddress = '{{ matchingAddress }}';
INSERT examples
- create
- Manifest
Creates a firewall rule for the application.
INSERT INTO google.appengine.ingress_rules (
data__priority,
data__action,
data__sourceRange,
data__description,
appsId
)
SELECT
{{ priority }},
'{{ action }}',
'{{ sourceRange }}',
'{{ description }}',
'{{ appsId }}'
RETURNING
action,
description,
priority,
sourceRange
;
# Description fields are for documentation purposes
- name: ingress_rules
props:
- name: appsId
value: string
description: Required parameter for the ingress_rules resource.
- name: priority
value: integer
- name: action
value: string
description: >
The action to take on matched requests.
valid_values: ['UNSPECIFIED_ACTION', 'ALLOW', 'DENY']
- name: sourceRange
value: string
description: >
IP address or range, defined using CIDR notation, of requests that this rule applies to. You can use the wildcard character "*" to match all IPs equivalent to "0/0" and "::/0" together. Examples: 192.168.1.1 or 192.168.0.0/16 or 2001:db8::/32 or 2001:0db8:0000:0042:0000:8a2e:0370:7334. Truncation will be silently performed on addresses which are not properly truncated. For example, 1.2.3.4/24 is accepted as the same address as 1.2.3.0/24. Similarly, for IPv6, 2001:db8::1/32 is accepted as the same address as 2001:db8::/32.
- name: description
value: string
description: >
An optional string description of this rule. This field has a maximum length of 400 characters.
UPDATE examples
- patch
- batch_update
Updates the specified firewall rule.
UPDATE google.appengine.ingress_rules
SET
data__priority = {{ priority }},
data__action = '{{ action }}',
data__sourceRange = '{{ sourceRange }}',
data__description = '{{ description }}'
WHERE
appsId = '{{ appsId }}' --required
AND ingressRulesId = '{{ ingressRulesId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
action,
description,
priority,
sourceRange;
Replaces the entire firewall ruleset in one bulk operation. This overrides and replaces the rules of an existing firewall with the new rules.If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list.
UPDATE google.appengine.ingress_rules
SET
data__ingressRules = '{{ ingressRules }}'
WHERE
appsId = '{{ appsId }}' --required
RETURNING
ingressRules;
DELETE examples
- delete
Deletes the specified firewall rule.
DELETE FROM google.appengine.ingress_rules
WHERE appsId = '{{ appsId }}' --required
AND ingressRulesId = '{{ ingressRulesId }}' --required;