rules

Creates, updates, deletes, gets or lists a rules resource.

Overview

Name	`rules`
Type	Resource
Id	`google.networksecurity.rules`

Fields

The following fields are returned by SELECT queries:

projects_locations_gateway_security_policies_rules_get
projects_locations_gateway_security_policies_rules_list

Successful response

Name	Datatype	Description
`name`	`string`	Required. Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
`applicationMatcher`	`string`	Optional. CEL expression for matching on L7/application level criteria.
`basicProfile`	`string`	Required. Profile which tells what the primitive action should be.
`createTime`	`string (google-datetime)`	Output only. Time when the rule was created.
`description`	`string`	Optional. Free-text description of the resource.
`enabled`	`boolean`	Required. Whether the rule is enforced.
`priority`	`integer (int32)`	Required. Priority of the rule. Lower number corresponds to higher precedence.
`sessionMatcher`	`string`	Required. CEL expression for matching on session criteria.
`tlsInspectionEnabled`	`boolean`	Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
`updateTime`	`string (google-datetime)`	Output only. Time when the rule was updated.

Successful response

Name	Datatype	Description
`name`	`string`	Required. Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
`applicationMatcher`	`string`	Optional. CEL expression for matching on L7/application level criteria.
`basicProfile`	`string`	Required. Profile which tells what the primitive action should be.
`createTime`	`string (google-datetime)`	Output only. Time when the rule was created.
`description`	`string`	Optional. Free-text description of the resource.
`enabled`	`boolean`	Required. Whether the rule is enforced.
`priority`	`integer (int32)`	Required. Priority of the rule. Lower number corresponds to higher precedence.
`sessionMatcher`	`string`	Required. CEL expression for matching on session criteria.
`tlsInspectionEnabled`	`boolean`	Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
`updateTime`	`string (google-datetime)`	Output only. Time when the rule was updated.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`projects_locations_gateway_security_policies_rules_get`	`select`	`projectsId`, `locationsId`, `gatewaySecurityPoliciesId`, `rulesId`		Gets details of a single GatewaySecurityPolicyRule.
`projects_locations_gateway_security_policies_rules_list`	`select`	`projectsId`, `locationsId`, `gatewaySecurityPoliciesId`	`pageSize`, `pageToken`	Lists GatewaySecurityPolicyRules in a given project and location.
`projects_locations_gateway_security_policies_rules_create`	`insert`	`projectsId`, `locationsId`, `gatewaySecurityPoliciesId`	`gatewaySecurityPolicyRuleId`	Creates a new GatewaySecurityPolicy in a given project and location.
`projects_locations_gateway_security_policies_rules_patch`	`update`	`projectsId`, `locationsId`, `gatewaySecurityPoliciesId`, `rulesId`	`updateMask`	Updates the parameters of a single GatewaySecurityPolicyRule.
`projects_locations_gateway_security_policies_rules_delete`	`delete`	`projectsId`, `locationsId`, `gatewaySecurityPoliciesId`, `rulesId`		Deletes a single GatewaySecurityPolicyRule.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`gatewaySecurityPoliciesId`	`string`
`locationsId`	`string`
`projectsId`	`string`
`rulesId`	`string`
`gatewaySecurityPolicyRuleId`	`string`
`pageSize`	`integer (int32)`
`pageToken`	`string`
`updateMask`	`string (google-fieldmask)`

`SELECT` examples

projects_locations_gateway_security_policies_rules_get
projects_locations_gateway_security_policies_rules_list

Gets details of a single GatewaySecurityPolicyRule.

SELECT
name,
applicationMatcher,
basicProfile,
createTime,
description,
enabled,
priority,
sessionMatcher,
tlsInspectionEnabled,
updateTime
FROM google.networksecurity.rules
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND gatewaySecurityPoliciesId = '{{ gatewaySecurityPoliciesId }}' -- required
AND rulesId = '{{ rulesId }}' -- required;

Lists GatewaySecurityPolicyRules in a given project and location.

SELECT
name,
applicationMatcher,
basicProfile,
createTime,
description,
enabled,
priority,
sessionMatcher,
tlsInspectionEnabled,
updateTime
FROM google.networksecurity.rules
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND gatewaySecurityPoliciesId = '{{ gatewaySecurityPoliciesId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}';

`INSERT` examples

projects_locations_gateway_security_policies_rules_create
Manifest

Creates a new GatewaySecurityPolicy in a given project and location.

INSERT INTO google.networksecurity.rules (
data__basicProfile,
data__name,
data__enabled,
data__priority,
data__description,
data__sessionMatcher,
data__applicationMatcher,
data__tlsInspectionEnabled,
projectsId,
locationsId,
gatewaySecurityPoliciesId,
gatewaySecurityPolicyRuleId
)
SELECT 
'{{ basicProfile }}',
'{{ name }}',
{{ enabled }},
{{ priority }},
'{{ description }}',
'{{ sessionMatcher }}',
'{{ applicationMatcher }}',
{{ tlsInspectionEnabled }},
'{{ projectsId }}',
'{{ locationsId }}',
'{{ gatewaySecurityPoliciesId }}',
'{{ gatewaySecurityPolicyRuleId }}'
RETURNING
name,
done,
error,
metadata,
response
;

# Description fields are for documentation purposes
- name: rules
  props:
    - name: projectsId
      value: string
      description: Required parameter for the rules resource.
    - name: locationsId
      value: string
      description: Required parameter for the rules resource.
    - name: gatewaySecurityPoliciesId
      value: string
      description: Required parameter for the rules resource.
    - name: basicProfile
      value: string
      description: >
        Required. Profile which tells what the primitive action should be.
        
      valid_values: ['BASIC_PROFILE_UNSPECIFIED', 'ALLOW', 'DENY']
    - name: name
      value: string
      description: >
        Required. Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^&#91;a-z&#93;([a-z0-9-]{0,61}[a-z0-9])?$).
        
    - name: enabled
      value: boolean
      description: >
        Required. Whether the rule is enforced.
        
    - name: priority
      value: integer
      description: >
        Required. Priority of the rule. Lower number corresponds to higher precedence.
        
    - name: description
      value: string
      description: >
        Optional. Free-text description of the resource.
        
    - name: sessionMatcher
      value: string
      description: >
        Required. CEL expression for matching on session criteria.
        
    - name: applicationMatcher
      value: string
      description: >
        Optional. CEL expression for matching on L7/application level criteria.
        
    - name: tlsInspectionEnabled
      value: boolean
      description: >
        Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
        
    - name: gatewaySecurityPolicyRuleId
      value: string

`UPDATE` examples

projects_locations_gateway_security_policies_rules_patch

Updates the parameters of a single GatewaySecurityPolicyRule.

UPDATE google.networksecurity.rules
SET 
data__basicProfile = '{{ basicProfile }}',
data__name = '{{ name }}',
data__enabled = {{ enabled }},
data__priority = {{ priority }},
data__description = '{{ description }}',
data__sessionMatcher = '{{ sessionMatcher }}',
data__applicationMatcher = '{{ applicationMatcher }}',
data__tlsInspectionEnabled = {{ tlsInspectionEnabled }}
WHERE 
projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND gatewaySecurityPoliciesId = '{{ gatewaySecurityPoliciesId }}' --required
AND rulesId = '{{ rulesId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;

`DELETE` examples

projects_locations_gateway_security_policies_rules_delete

Deletes a single GatewaySecurityPolicyRule.

DELETE FROM google.networksecurity.rules
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND gatewaySecurityPoliciesId = '{{ gatewaySecurityPoliciesId }}' --required
AND rulesId = '{{ rulesId }}' --required;

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

DELETE examples​